bg.onpointpublishing.com Open in urlscan Pro
2606:4700:3035::6815:30c3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bg.onpointpublishing.com/womans-masturbation-guide
Submission Tags: falconsandbox
Submission: On September 22 via api (September 22nd 2021, 8:18:37 pm UTC) from US — Scanned from DE

Summary HTTP 183 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 42 IPs in 10 countries across 46 domains to perform 183 HTTP transactions. The main IP is 2606:4700:3035::6815:30c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is bg.onpointpublishing.com.
TLS certificate: Issued by R3 on August 23rd 2021. Valid for: 3 months.

This is the only time bg.onpointpublishing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3035::6815:30c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.166.135.13 188.166.135.13	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	51.15.19.93 51.15.19.93	12876 (Online SAS) (Online SAS)
2	2600:9000:21f... 2600:9000:21f3:e000:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
5	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	2a03:2880:f22... 2a03:2880:f22d:1e6:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
17	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1 10	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
2	213.174.135.25 213.174.135.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6812:ea1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
4	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
7	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	88.198.186.100 88.198.186.100	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
1 2	52.29.24.121 52.29.24.121	16509 (AMAZON-02) (AMAZON-02)
6 16	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
7 11	104.105.231.167 104.105.231.167	6453 (AS6453) (AS6453)
5 7	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	18.156.99.44 18.156.99.44	16509 (AMAZON-02) (AMAZON-02)
1	52.198.4.47 52.198.4.47	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
2 2	213.155.156.167 213.155.156.167	1299 (TELIANET ...) (TELIANET Telia Carrier)
1 1	2600:9000:20e... 2600:9000:20eb:4e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	104.105.231.116 104.105.231.116	6453 (AS6453) (AS6453)
2 2	217.66.147.165 217.66.147.165	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2 2	18.156.147.57 18.156.147.57	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	63.251.14.3 63.251.14.3	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
183	42

10 2606:4700:3035::6815:30c3 (United States)

ASN13335 (CLOUDFLARENET, US)

bg.onpointpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onpointpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.135.13 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

go5s.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.19.93 (Haarlem, Netherlands)

ASN12876 (Online SAS, FR)
PTR: 51-15-19-93.rev.poneytelecom.eu

lib1.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:e000:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vasgenerete.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f22d:1e6:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.181.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpshsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:ea1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.246 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.186.100 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-186-100.clients.your-server.de

notification.tubecup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.24.121 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-24-121.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.105.231.167 (Atlanta, United States) 7 redirects

ASN6453 (AS6453, US)
PTR: a104-105-231-167.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.220.241 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.99.44 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-99-44.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.198.4.47 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-4-47.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (Uppsala, Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4e00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.105.231.116 (Atlanta, United States) 1 redirects

ASN6453 (AS6453, US)
PTR: a104-105-231-116.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.165 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-165-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.147.57 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-147-57.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.14.3 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	157 KB
31	doubleclick.net 7 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	215 KB
27	2mdn.net s0.2mdn.net	173 KB
18	taboola.com cdn.taboola.com trc.taboola.com images.taboola.com pips.taboola.com cds.taboola.com	249 KB
11	casalemedia.com 7 redirects dsum-sec.casalemedia.com ssum.casalemedia.com	10 KB
10	onpointpublishing.com bg.onpointpublishing.com onpointpublishing.com	228 KB
9	youtube.com www.youtube.com Failed	682 KB
7	adnxs.com 5 redirects ib.adnxs.com	7 KB
7	a-mo.net prebid.a-mo.net	2 KB
4	adform.net adx.adform.net	827 B
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	google.com www.google.com adservice.google.com	15 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	43 KB
3	mts.ru 3 redirects sm.rtb.mts.ru tech.rtb.mts.ru	2 KB
3	googletagservices.com www.googletagservices.com	105 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	pubmatic.com 2 redirects image2.pubmatic.com	647 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	732 B
2	de17a.com 2 redirects d5p.de17a.com	720 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	360yield.com 2 redirects match.360yield.com	787 B
2	openx.net 2 redirects rtb.openx.net	759 B
2	adtriba.com 1 redirects d.adtriba.com	757 B
2	creativecdn.com prebid-eu.creativecdn.com	372 B
2	4dex.io script.4dex.io	22 KB
2	wpshsdk.com js.wpshsdk.com	21 KB
2	instagram.com 1 redirects www.instagram.com	5 KB
2	wpadmngr.com js.wpadmngr.com	18 KB
2	optad360.io get.optad360.io	184 KB
1	media.net 1 redirects cs.media.net	1 KB
1	smaato.net 1 redirects s.ad.smaato.net	440 B
1	blismedia.com tr.blismedia.com	141 B
1	adingo.jp cc.adingo.jp	44 B
1	tubecup.net notification.tubecup.net	49 B
1	google.de adservice.google.de	853 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	ytimg.com i.ytimg.com	50 KB
1	ggpht.com yt3.ggpht.com	6 KB
1	wpushsdk.com js.wpushsdk.com	3 KB
1	vasgenerete.site vasgenerete.site	239 B
1	nawpush.com na.nawpush.com	462 B
1	jquery.com code.jquery.com	82 KB
1	lib1.biz lib1.biz	15 KB
1	go5s.biz go5s.biz	15 KB
183	46

	Domain	Requested by
27	s0.2mdn.net	bg.onpointpublishing.com s0.2mdn.net 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com bg.onpointpublishing.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
16	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
9	www.youtube.com	bg.onpointpublishing.com onpointpublishing.com www.youtube.com
9	onpointpublishing.com	bg.onpointpublishing.com onpointpublishing.com
8	cdn.taboola.com	bg.onpointpublishing.com cdn.taboola.com
7	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
7	prebid.a-mo.net	get.optad360.io
6	images.taboola.com	bg.onpointpublishing.com
5	googleads.g.doubleclick.net	1 redirects www.youtube.com 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com bg.onpointpublishing.com
5	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
4	googleads4.g.doubleclick.net	bg.onpointpublishing.com
4	adx.adform.net	get.optad360.io
3	www.googletagservices.com	securepubads.g.doubleclick.net 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
3	005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google.com	www.youtube.com tpc.googlesyndication.com 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
2	ap.lijit.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sm.rtb.mts.ru	2 redirects
2	d5p.de17a.com	2 redirects
2	match.360yield.com	2 redirects
2	rtb.openx.net	2 redirects
2	d.adtriba.com	1 redirects 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	prebid-eu.creativecdn.com	get.optad360.io
2	mug.criteo.com	bg.onpointpublishing.com
2	gum.criteo.com	1 redirects
2	script.4dex.io	get.optad360.io script.4dex.io
2	js.wpshsdk.com	js.wpadmngr.com js.wpshsdk.com
2	fonts.gstatic.com	www.youtube.com
2	trc.taboola.com	cdn.taboola.com
2	platform.twitter.com	bg.onpointpublishing.com platform.twitter.com
2	www.instagram.com	1 redirects bg.onpointpublishing.com
2	js.wpadmngr.com	bg.onpointpublishing.com js.wpadmngr.com
2	get.optad360.io	bg.onpointpublishing.com get.optad360.io
1	ssum.casalemedia.com	1 redirects
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	tech.rtb.mts.ru	1 redirects
1	cs.media.net	1 redirects
1	s.ad.smaato.net	1 redirects
1	tr.blismedia.com	005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
1	s.tribalfusion.com	005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	cc.adingo.jp	005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
1	notification.tubecup.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	get.optad360.io
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	js.wpushsdk.com	js.wpadmngr.com
1	static.doubleclick.net	www.youtube.com
1	syndication.twitter.com	platform.twitter.com
1	vasgenerete.site	js.wpadmngr.com
1	na.nawpush.com	js.wpadmngr.com
1	code.jquery.com	bg.onpointpublishing.com
1	lib1.biz	bg.onpointpublishing.com
1	go5s.biz	bg.onpointpublishing.com
1	bg.onpointpublishing.com
183	64

This site contains links to these domains. Also see Links.

Domain
www.optad360.com
popup.taboola.com
8greatest.com
fa.onpointpublishing.com
cakehd.com
it.onpointpublishing.com
fitsavage.com
tr.onpointpublishing.com
hu.onpointpublishing.com

Subject Issuer	Validity	Valid
*.onpointpublishing.com R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
go1s.biz R3	`2021-09-11` - `2021-12-10`	3 months	crt.sh
10.lib2.biz R3	`2021-09-21` - `2021-12-20`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
js.wpadmngr.com R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-07-03` - `2021-10-01`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
na.nawpush.com R3	`2021-08-16` - `2021-11-14`	3 months	crt.sh
vasgenerete.site R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
js.wpshsdk.com R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
js.wpushsdk.com R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.a-mo.net R3	`2021-07-16` - `2021-10-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
notification.tubecup.net R3	`2021-08-06` - `2021-11-04`	3 months	crt.sh
*.adtriba.com Amazon	`2021-05-31` - `2022-06-29`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-03-26` - `2022-04-14`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2021-08-26` - `2021-11-24`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://bg.onpointpublishing.com/womans-masturbation-guide
Frame ID: 969019874961334A015684629B3B262B
Requests: 71 HTTP requests in this frame

Frame: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1
Frame ID: 9D69AA75C39922D83D8455E6AE57179A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1
Frame ID: 2FC299ECB58383BABD38DAC26283F246
Requests: 19 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fbg.onpointpublishing.com
Frame ID: F9AC3A2E5C8D6CACB85AA432A015528D
Requests: 2 HTTP requests in this frame

Frame: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FC2189081AB3D7CD91EE09DA10A312A2
Requests: 1 HTTP requests in this frame

Frame: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F9F2C4015F35B43B878370200561C5BA
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A56B1FA0BE09E38C3744447DB56D4EC0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 873623DA993075F3D7DA7D9932A17C9B
Requests: 2 HTTP requests in this frame

Frame: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AE2E71957D05B85275E3588FBFC32436
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQsqfrAhje9Z2zATAB&v=APEucNVDuz_XCbvaOnQ6YTj8R5uou-YnzCoGESxRMEBLVLkJdldCl7qKQEORzu9rAovw9y3zqKpGgub7Ute_2nlq_nUqiozdHFqjlM8hyrHKDUZsX-xAAHmtYDXlF37rBwHQ1S2OcbfaLjfG0U4w2gsm5pXPUCNCJLD826B6ewI51rbBmy4l4v1-dl7apMq85KwYEaEox8r_udfcNp9BRH2VpgC4lS3V1w
Frame ID: F97C7169F28670996B09903BB256E0E8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhj5rJmxATAB&v=APEucNWItHrXd9hdmu8D9ZupQlW-4PesF-BaSUaP0-yH2VUHqKEeUHzogJkjtpNd9zNpX17Cwrte46pjFm7TuDhC1R_Dp1PDZK3j9wl2EMvK0YDRsAYUK4Ob4eyBSW5NnO1bOapBkr4WS_maq3ugRRuHAH-GwKj1vPk8fYd_5J-eOb654e3noKbHeV_2yFb6Qx8DnB9HIhjdcCO2IqRbqzFnZySkCVDgZQ
Frame ID: 5FDEC3C77E22B83498E7963DCAE3361A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 405733C1E802CD17A3758088FB6994B0
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A7B5B34A82EF52EA2FF2B20C6B693E53
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 64CF8E1B970A5BD5655B42068FD78F74
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
Frame ID: 861D36DCA22F679F35B7F84F919B250F
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FC56502DB1D76AEA24A179ED39D9557E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10350127/1623936663589/index.html
Frame ID: A2FC79C0547139573BB4EB1DB8E0617C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Как да мастурбирам за жени: Най-добрите женски съвети и техники за мастурбация - Секс

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

183
Requests

98 %
HTTPS

40 %
IPv6

46
Domains

64
Subdomains

42
IPs

10
Countries

2433 kB
Transfer

7447 kB
Size

47
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.optad360.com/en/?utm_medium=AdsInfo&utm_source=bg.onpointpublishing.com
Title: Ads by optAd360

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=dominip-usd-onpointpublishingcom&utm_medium=referral&utm_content=alternating-thumbnails-a:Below%20Article%20Thumbnails:
Title: by Taboola

Search URL Search Domain Scan URL

URL: http://8greatest.com/2021/02/18/10-most-beautiful-cities-in-italy-see-and-die/?utm_source=taboola2/boats&utm_medium=referral&utm_term=dominip-usd-onpointpublishingcom&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F71edb542c6d1404e27c336a390892366.jpg%20&utm_term=dominip-usd-onpointpublishingcom#tblciGiAoQvIHU74raNZbG3YU1adWw11uCSL7Lu56_De6aLiHuyCM7EEo7rLBlOL-x72cAQ
Title: 8Greatest

Search URL Search Domain Scan URL

URL: https://fa.onpointpublishing.com/best-erotic-stories-read-online

Search URL Search Domain Scan URL

URL: https://cakehd.com/8-things-only-a-loving-man-will-do-for-you/?utm_source=taboola&utm_medium=Even+%2F+5+CakeHD+%2F+ADV23+%2F+Account+3+%2F+8+things+only+a+loving+man+will+do+for+you&utm_campaign=1411487&tblci=GiAoQvIHU74raNZbG3YU1adWw11uCSL7Lu56_De6aLiHuyCLzVEo2NzPrqvQlZ_-AQ#tblciGiAoQvIHU74raNZbG3YU1adWw11uCSL7Lu56_De6aLiHuyCLzVEo2NzPrqvQlZ_-AQ
Title: Relationships

Search URL Search Domain Scan URL

URL: https://it.onpointpublishing.com/5-cheating-wives-explain-why-women-cheat-their-husbands

Search URL Search Domain Scan URL

URL: https://fitsavage.com/10-stretches-to-do-before-bed-to-improve-your-sleep/?utm_source=taboola&utm_medium=Even+2+FitSavage+%2F+Account+2+%2F+ADV36%2F+10+Stretches+to+Do+Before+Bed+to+Improve+Your+Sleep&utm_campaign=1411487&tblci=GiAoQvIHU74raNZbG3YU1adWw11uCSL7Lu56_De6aLiHuyD9rFIousmOuuWnjMFm#tblciGiAoQvIHU74raNZbG3YU1adWw11uCSL7Lu56_De6aLiHuyD9rFIousmOuuWnjMFm
Title: FitSavage

Search URL Search Domain Scan URL

URL: https://tr.onpointpublishing.com/50-best-romantic-love-song-lyrics-share-with-your-love

Search URL Search Domain Scan URL

URL: https://hu.onpointpublishing.com/
Title: onpointpublishing.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 35

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 60

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.onpointpublishing.com%2F&domain=bg.onpointpublishing.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=F9Y7sHx4eTFBd2NQeTByd0VtMGZvQlRuUUpBSWtNY1NlNW54QndxbVFZd2RUb1RCa3BJTSsyOHdBOHRhTFhBcTlqZHY3TVB1Y1Z1VFo2L1VrQzhCbCtnYk1ST2s3ZHZUZGpBUTNjaVllcUwvMXJrb0N3S0VDdnIyOUhzdHZBS3g3bktZbEdKN0NiQUVPY3JtZG00R2NyQmVxUy9XQTZrYWgwbDR6aWVwWEtmQ2xKZjQxSDE4S1dPQU1jVkx6UVo2SkNCNFl2WGZaTktiS3J2TW5jZFk4b2ttRmJBZVVTM1dvalZiUkN4SDZHbkhlSVBVaE9vSC9NK3kraWloZEpGNEJnY1ZrfA&cppv=2

Request Chain 101

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_l_alw-on HTTP 302
https://d.adtriba.com/px.gif

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&C=1

Request Chain 110

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUuPmPtHxOc.0p7cAjVp8wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&google_hm=2

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKoZe_vgw6LozpdJvie_VYs&google_cver=1

Request Chain 112

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxMTYzMjQwMzIyNjUzNjA3MA%3D%3D

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&C=1

Request Chain 114

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUuPmPtHxOc.0p7cAjVp8gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&google_hm=2

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKoZe_vgw6LozpdJvie_VYs&google_cver=1

Request Chain 116

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIzOTUxNjY3NzU4ODQ0OTk5Nw%3D%3D

Request Chain 122

https://rtb.openx.net/sync/dds?google_gid=CAESEFwPL_zihU-gcPpSHH2uaeE&google_cver=1&google_push=AYg5qPKAdg6qvPveT6AI4rZMtQdFi8SeB-J6ldWKH_jTuAl26KRizvAJnc4qnM3Dx04NsRAT3OU3zajTUw2yTlz0vm6QBAyrGDY HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEFwPL_zihU-gcPpSHH2uaeE&google_cver=1&google_push=AYg5qPKAdg6qvPveT6AI4rZMtQdFi8SeB-J6ldWKH_jTuAl26KRizvAJnc4qnM3Dx04NsRAT3OU3zajTUw2yTlz0vm6QBAyrGDY&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKAdg6qvPveT6AI4rZMtQdFi8SeB-J6ldWKH_jTuAl26KRizvAJnc4qnM3Dx04NsRAT3OU3zajTUw2yTlz0vm6QBAyrGDY&google_hm=4dpXE7IbzAELKtYLgfi6nw==

Request Chain 123

https://match.360yield.com/match/ebda?google_gid=CAESEI3sCZyfoEhOWXfjzoTEXRQ&google_cver=1&google_push=AYg5qPIEEVGR-BakzHxo-N3p_wgdyNfEENN1f-922MgGk9aAMiV9xBZ3ZBwLBitS5l1uG-nMbnoOMMrUSi0tUAPqDGWo2v8N-Jd5 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEI3sCZyfoEhOWXfjzoTEXRQ&google_cver=1&google_push=AYg5qPIEEVGR-BakzHxo-N3p_wgdyNfEENN1f-922MgGk9aAMiV9xBZ3ZBwLBitS5l1uG-nMbnoOMMrUSi0tUAPqDGWo2v8N-Jd5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=7N2ObxB6RlGiTvf5xeplIQ&google_push=AYg5qPIEEVGR-BakzHxo-N3p_wgdyNfEENN1f-922MgGk9aAMiV9xBZ3ZBwLBitS5l1uG-nMbnoOMMrUSi0tUAPqDGWo2v8N-Jd5

Request Chain 135

https://a.tribalfusion.com/i.match?p=b6&u=CAESELYgnDldsqaAek0lfiubIxw&google_cver=1&google_push=AYg5qPJIX91MVXzt9Q7OF73uoA2CCIngG9-87IOTN1qR41tjHc3LEkln-g-RX8tGxqcw_VHUqWtY8bDEAFvCVb8J-374uLR0O4oB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJIX91MVXzt9Q7OF73uoA2CCIngG9-87IOTN1qR41tjHc3LEkln-g-RX8tGxqcw_VHUqWtY8bDEAFvCVb8J-374uLR0O4oB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELYgnDldsqaAek0lfiubIxw&google_cver=1&google_push=AYg5qPJIX91MVXzt9Q7OF73uoA2CCIngG9-87IOTN1qR41tjHc3LEkln-g-RX8tGxqcw_VHUqWtY8bDEAFvCVb8J-374uLR0O4oB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJIX91MVXzt9Q7OF73uoA2CCIngG9-87IOTN1qR41tjHc3LEkln-g-RX8tGxqcw_VHUqWtY8bDEAFvCVb8J-374uLR0O4oB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 137

https://d5p.de17a.com/cookies/google?google_gid=CAESEBGW_F_pMWzNikxfogQHJqc&google_cver=1&google_push=AYg5qPKIVPoWSnNzNPoocLpEaZT94rC6jfew3D0J-7sPr1DFmNxQ77KsfHilcDOeQONqVQ9idh68K4jgPd_C5oQCrCDADm_NOxVx HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBGW_F_pMWzNikxfogQHJqc&google_cver=1&google_push=AYg5qPKIVPoWSnNzNPoocLpEaZT94rC6jfew3D0J-7sPr1DFmNxQ77KsfHilcDOeQONqVQ9idh68K4jgPd_C5oQCrCDADm_NOxVx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKIVPoWSnNzNPoocLpEaZT94rC6jfew3D0J-7sPr1DFmNxQ77KsfHilcDOeQONqVQ9idh68K4jgPd_C5oQCrCDADm_NOxVx

Request Chain 138

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEI9UX-wrdxNqtZdbMwj8CCI&google_cver=1&google_push=AYg5qPIVIP9RVMRsA9ycmBM82KGXONsmBETJMsfNRJP_gB_tXp3xQdc_-3QcWc842r5tmpVFcqgMyWc8bvFSSoAPIt09tj6D_wxV HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIVIP9RVMRsA9ycmBM82KGXONsmBETJMsfNRJP_gB_tXp3xQdc_-3QcWc842r5tmpVFcqgMyWc8bvFSSoAPIt09tj6D_wxV

Request Chain 139

https://cs.media.net/cksync?type=g&google_gid=CAESEDEVFA8W072bV47NCKswfcs&google_cver=1&google_push=AYg5qPKG9NYSFkH5sgr8UxEMTf5QfreUMWJRFvnleV_M8MCsRw8PIb-6983nV3yJmRF4eHF1Fj8Awd9kWHJOqPCTyvFGSoKof_3V HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1MzQzNTEyNTYzMTU0NzAwMFYxMA%3d%3d&mn_hm=Mjc1MzQzNTEyNTYzMTU0NzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKG9NYSFkH5sgr8UxEMTf5QfreUMWJRFvnleV_M8MCsRw8PIb-6983nV3yJmRF4eHF1Fj8Awd9kWHJOqPCTyvFGSoKof_3V&gdpr=&gdpr_consent=

Request Chain 140

https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEO_DWpZ-_26IpAzD4Rw0JCs&google_cver=1&google_push=AYg5qPLkJ43JPNzLLD_jS72t9Lj-1r7afgY_A_itN-v81T9LfV91ipfTMuzQy5_-DsXYjd3WaZHiQHGhFcApLsntELZ1sOu8edNqzg HTTP 301
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D32f032c2-2883-425d-aa2b-656cc6a25ba9%26google_push%3DAYg5qPLkJ43JPNzLLD_jS72t9Lj-1r7afgY_A_itN-v81T9LfV91ipfTMuzQy5_-DsXYjd3WaZHiQHGhFcApLsntELZ1sOu8edNqzg&ssp=googleban&exu=CAESEO_DWpZ-_26IpAzD4Rw0JCs HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=32f032c2-2883-425d-aa2b-656cc6a25ba9&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D32f032c2-2883-425d-aa2b-656cc6a25ba9%26google_push%3DAYg5qPLkJ43JPNzLLD_jS72t9Lj-1r7afgY_A_itN-v81T9LfV91ipfTMuzQy5_-DsXYjd3WaZHiQHGhFcApLsntELZ1sOu8edNqzg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=32f032c2-2883-425d-aa2b-656cc6a25ba9&google_push=AYg5qPLkJ43JPNzLLD_jS72t9Lj-1r7afgY_A_itN-v81T9LfV91ipfTMuzQy5_-DsXYjd3WaZHiQHGhFcApLsntELZ1sOu8edNqzg

Request Chain 141

https://ads.avads.net/sync/ggl?google_gid=CAESECX0t6PHX-M2JijH81C_lVM&google_cver=1&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://ads.avads.net/sync/ggl?google_gid=CAESECX0t6PHX-M2JijH81C_lVM&google_cver=1&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w&av_tc=True HTTP 302
https://ads.avads.net/sync/ggl?google_gid=CAESECX0t6PHX-M2JijH81C_lVM&google_cver=1&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w

Request Chain 178

https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9 HTTP 302
https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&apid=UP42e0cc46-1be2-11ec-b823-02d121a62cd4 HTTP 302
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&apid=UP42e0cc46-1be2-11ec-b823-02d121a62cd4&verify=true HTTP 302
https://prebid.a-mo.net/setuid/verizon_video?uid=UP42e0cc46-1be2-11ec-b823-02d121a62cd4&gdpr=0&gdpr_consent=

Request Chain 179

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4a1561ba-27b5-4c8c-b079-bb16bc42e9d9%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=appnexus&uid=2411632403226536070

Request Chain 180

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4a1561ba-27b5-4c8c-b079-bb16bc42e9d9%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=index_rtb&uid=YUuPmPtHxOc.0p7cAjVp8gAA%261121

Request Chain 181

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4a1561ba-27b5-4c8c-b079-bb16bc42e9d9%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4a1561ba-27b5-4c8c-b079-bb16bc42e9d9%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=pubmatic&uid=C0B5BFBD-BF75-462F-9215-FA184804FFFD

Request Chain 182

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4a1561ba-27b5-4c8c-b079-bb16bc42e9d9%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4a1561ba-27b5-4c8c-b079-bb16bc42e9d9%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=sovrn&uid=94c1e3818d7d70692797d79c

183 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request womans-masturbation-guide Show response
bg.onpointpublishing.com/ 22 KB
8 KB 379ms
340ms Document
text/html 2606:4700:3035::6815:30c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:30c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac9bd40b1e8b4a03d3fc32024dcaa0736af5916ee170acaae67407ead453a36

Request headers

:method: GET
:authority: bg.onpointpublishing.com
:scheme: https
:path: /womans-masturbation-guide
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 22 Sep 2021 20:18:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9uKaCvQWJHeaUlQcDoHHQ3bQigC3wifE24YDB8vIAPynWx1hefKgXCMd6WUM9%2BkLWQv7Vatkt8W77QfrBeupTn7plpCHhWeUcZ0pUpqq0myisbFhqemq4Fb%2FzIyDZ8vj5kh%2BswV8kroSTeq1mnl2mawI8WSCKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 692e3906d8dbdfd7-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 layers.min.css
onpointpublishing.com/template/css/ 15 KB
4 KB 44ms
18ms Stylesheet
text/css 2606:4700:3035::6815:30c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onpointpublishing.com/template/css/layers.min.css
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:30c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72c2003e8b9edfad1ff1f47f6e33ba78f8ba190b0eb5d104b6f1228848c39ff2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 134839
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 19:57:33 GMT
server: cloudflare
etag: W/"604a762d-3a86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfZEFUvC%2Bmd8F%2BJfyXJ4ziZaWig%2FlZOHB%2BurjwCRcPABitCr0OZ95gA8pYedQ8cmaf5u6P%2FKBGoNXNTG%2Biy%2Buaw%2F%2Fd%2B2xIZ%2BnthNIg5vVdjVxWbLpB4RrhCfybIEsClAMkRZl9jYQtIoYWFyD%2BxQ9scYXP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 692e39094c1fdfd7-FRA
expires: Thu, 21 Oct 2021 06:51:10 GMT

GET
H2 200 font-awesome.min.css
onpointpublishing.com/template/css/ 17 KB
4 KB 45ms
19ms Stylesheet
text/css 2606:4700:3035::6815:30c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onpointpublishing.com/template/css/font-awesome.min.css
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:30c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1218019
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 19:57:33 GMT
server: cloudflare
etag: W/"604a762d-4574"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SqmGiVuVpkqAiMxQwkeqYfH%2B8s2p7PoZ77O7Jn2DfXBmwuQgM9x3dUmj0lCBylobzyGV2RWTUQR5AmlUGb94jbYaDQhxoC9Ha7knJrHBEueCFkkMWB8ZzJ0%2FG2quGzWXaXRNxizg%2FYArBodkol7lLx%2BGkxk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 692e39094c21dfd7-FRA
expires: Fri, 08 Oct 2021 17:58:10 GMT

GET
H2 200 style.css
onpointpublishing.com/template/css/ 98 KB
15 KB 44ms
18ms Stylesheet
text/css 2606:4700:3035::6815:30c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onpointpublishing.com/template/css/style.css
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:30c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3c7ce759838ce8c3ad196db890ebbfbbdf7499177e4c587014ccef302ea0eb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1853900
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 19:57:34 GMT
server: cloudflare
etag: W/"604a762e-18613"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaYoAnY9lMkaPjq2WGzCkaPcWnR5cITONIdOsi3R23EPS4trG2YMwtbsYzA0y2HLwwUaaze7S8NS1zE8ZUPHVjzugQiPmQpMCKxxZbbz6FbW%2BSzsHOaMRvNfx%2B6yVMUcXucqTyqsXE0CsluR9WphGR%2BFzxI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 692e39094c1edfd7-FRA
expires: Fri, 01 Oct 2021 09:20:09 GMT

GET
H2 200 / Show response
go5s.biz/ 14 KB
15 KB 90ms
22ms Script
application/javascript 188.166.135.13
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://go5s.biz/?pu=he4tgmrwmm5ha3ddf42tamzz

Requested by

Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.166.135.13 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

3b052b9dd389c7713e351bde6ff473c0719f525083c7f279f953c9f1c9c05549

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Sep 2021 20:18:30 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 gm4tomlemi5ha3ddf4ytamq Show response
lib1.biz/code/ 14 KB
15 KB 93ms
26ms Script
application/javascript 51.15.19.93
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://lib1.biz/code/gm4tomlemi5ha3ddf4ytamq

Requested by

Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.15.19.93 Haarlem, Netherlands, ASN12876 (Online SAS, FR),

Reverse DNS

51-15-19-93.rev.poneytelecom.eu

Software

nginx /

Resource Hash

91dc970a935475a9d44d404e0016b8bf959eacaf48e7b649097cbdfc77b11514

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Sep 2021 20:18:30 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/ 216 KB
49 KB 75ms
10ms Script
application/javascript 2600:9000:21f3:e000:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/plugin.min.js
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 016eda8d16f5d1dbaa1c84d247bc5efc35638ec20b69376dfcaabbc9ec56b397

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:49:00 GMT
content-encoding: gzip
last-modified: Fri, 03 Sep 2021 12:53:58 GMT
server: AmazonS3
age: 1771
etag: W/"42cbedbbadd88031f383ef4514faa2da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 6arPOtzc3wvFm6ZmjbTaR_B6x2c7NdnoLAlDCydnW3y7qGla2p6E3w==

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 217 B
429 B 60ms
7ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 80de47821654fdda2f463506ec525ef1e5f3788e5aa8638793034fe79162935e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 08:45:08 GMT
server: nginx/1.18.0
etag: W/"61308f14-d9"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 22 Sep 2021 21:18:30 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 womans-masturbation-guide.jpg
onpointpublishing.com/img/sex/62/ 31 KB
31 KB 28ms
27ms Image
image/jpeg 2606:4700:3035::6815:30c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onpointpublishing.com/img/sex/62/womans-masturbation-guide.jpg
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:30c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f40d7edadbaea23653f0ae4c003f2db45b25fb6641fe168d2775985eade67a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 46304
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31644
last-modified: Wed, 28 Apr 2021 11:36:16 GMT
server: cloudflare
etag: "608948b0-7b9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVwXXKZHIX0wZ3I%2FxG%2B1EM0YRNj2VktAsklQ2YAd2%2B8B5Mt5ePI4QbJSeXX5rumkh1LtNm0KwokmzVThk%2BxabeR9f46dsOybntX5oynlV9SZ1%2BCd49dS%2F8vviRC1QeeWqbch2bbvTmKpQ6YYvQKCwriWp80%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 692e39097c5bdfd7-FRA
expires: Fri, 22 Oct 2021 07:26:45 GMT

GET
H2 200 horoscope-today-february-28.jpg
onpointpublishing.com/img/zodiac/17/ 55 KB
56 KB 26ms
24ms Image
image/jpeg 2606:4700:3035::6815:30c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onpointpublishing.com/img/zodiac/17/horoscope-today-february-28.jpg
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:30c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90c4279f2c5fb35a5913bb2f9155e1a7a88ff31c0bc642ee6f05079dd6b5eaad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2536341
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56829
last-modified: Wed, 28 Apr 2021 11:35:16 GMT
server: cloudflare
etag: "60894874-ddfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FwyuzcWCtuvvVL8u0apHu7sY6Z7fRLY%2B8AdzXUvFEv5YPionuLM%2FLZ3Jq08G5fvUPvDYhtz69EwFQr3kL0BEtNL8DHRl63mw6EW5vchs2W3JPXN4FNM8OtyLiX4FpH2L4LikjImYugNTtbM7y3%2Bvy6MTF3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 692e39097c5cdfd7-FRA
expires: Thu, 23 Sep 2021 11:46:08 GMT

GET
H2 200 23-best-slippers-2020.jpg
onpointpublishing.com/img/self/10/ 31 KB
31 KB 29ms
28ms Image
image/jpeg 2606:4700:3035::6815:30c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onpointpublishing.com/img/self/10/23-best-slippers-2020.jpg
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:30c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d55b395bdb8a19fe05b3003f8171c1ed050dd8896afbbbf1d8b209ab9442273

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2284758
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31630
last-modified: Wed, 28 Apr 2021 11:42:10 GMT
server: cloudflare
etag: "60894a12-7b8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QV2Kf%2FlIuD%2FN7TfHrLHj1MR%2BO4Oql1LcxGVrPQFckA%2FdAdH1oK4RZy%2FrsuaZZKAciQe4mlWCnJsgA76PppCjZRHuW6rKFlp%2FPqVllV1A9NUf2MP2%2FyhmwdnugxOB9%2FaAzZbSJdBebLUYcujH0m%2F8FB2gV%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 692e39097c5ddfd7-FRA
expires: Sun, 26 Sep 2021 09:39:12 GMT

GET
H2 200 horoscope-today-february-15.jpg
onpointpublishing.com/img/zodiac/55/ 42 KB
43 KB 28ms
27ms Image
image/jpeg 2606:4700:3035::6815:30c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onpointpublishing.com/img/zodiac/55/horoscope-today-february-15.jpg
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:30c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65d2bfe503cc1e8b0174b05d438f234c439137c1d08b3a282f552b5c43b0245c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1764272
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43479
last-modified: Wed, 28 Apr 2021 11:34:50 GMT
server: cloudflare
etag: "6089485a-a9d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxusL5synvanvt83tLNxRcxMNq25NNvp%2FiDBGHJOAoDFpK1kxT8VEw1%2FrOeV5B4%2BUkpGGdvXFiVtmlSkMShTbz8lR8ae7SX%2FIMiLj8bp0bt9waeCcE%2FuM%2FKz6fVv1QTaHfSVVwHVxDjTKfgXMJ0G91sGjMY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 692e39097c5fdfd7-FRA
expires: Sat, 02 Oct 2021 10:13:57 GMT

GET
H2 200 jquery.js Show response
code.jquery.com/ 276 KB
82 KB 34ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery.js
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:08 GMT
server: nginx
etag: W/"54499a48-4508e"
vary: Accept-Encoding
x-hw: 1632341909.dop209.fr8.t,1632341909.cds271.fr8.hn,1632341910.cds103.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 83875

GET
H2 200 plugins.js Show response
onpointpublishing.com/template/js/ 73 KB
27 KB 35ms
34ms Script
application/javascript 2606:4700:3035::6815:30c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onpointpublishing.com/template/js/plugins.js
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:30c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae996ae0bf157d7574024452bbbccdc7ec5f7ee1de15e5bf774026ddb2ea386

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 840675
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 19:57:36 GMT
server: cloudflare
etag: W/"604a7630-12469"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJypAq6%2B%2FdBrB0PJdZKBHzszVaCE43rDAgSohEnM0xcpCo94icKXpZaLJrTmOs4F8epydvK8d8pInC6Mnk9sAmxGtxrcj61jJdOhtHADobfALi9gMu8cvqx7GwlRGl7U3fNHeqSS0V8ORwNxoI8TngaAnxU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 692e39096c4adfd7-FRA
expires: Wed, 13 Oct 2021 02:47:14 GMT

GET
H2 200 beetle.js Show response
onpointpublishing.com/template/js/ 59 KB
9 KB 31ms
29ms Script
application/javascript 2606:4700:3035::6815:30c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onpointpublishing.com/template/js/beetle.js
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:30c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bc3457dfe52f627da8e6011b2fd916e7f0aa568daedd270bdb5f989f4dec7bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2571658
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 11 Mar 2021 19:57:36 GMT
server: cloudflare
etag: W/"604a7630-eb24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlrFLKRQC01EghoqDA8OcvLK6m4AV0q%2F0teeLrmNosXtly2w0Gq5Z6SZY1FppXWHA7VYidPfHcdyI9DmNenCpR5OUm3%2BVK9I1ykCpSogfUt%2BFlfv9lrSriBrBYFHaVAUqpZqM%2BPdypskOy3qMlnPSJ5WiBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 692e39096c58dfd7-FRA
expires: Thu, 23 Sep 2021 01:57:31 GMT

GET
H2

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

7ms
6ms

Script
text/javascript

2a03:2880:f22d:1e6:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 08:47:54 GMT
x-fb-trip-id: 1679558926
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-encoding: br
content-length: 4824

Redirect headers

date: Wed, 22 Sep 2021 20:18:30 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: cln
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 38ms
6ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 20:18:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/6711)
Age: 47
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/dominip-usd-network/ 181 KB
29 KB 50ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/dominip-usd-network/loader.js
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e0944e7a05c46874c070b1f110e6b6ae2fea5ba0c07919c983616ee2311a7e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: nLq6bj.EeOqroVDtLa5ql2Ia1CvPSG_a
content-encoding: gzip
etag: "a8c1818658ee0381850d490879f33ef0"
age: 20956
x-cache: HIT
content-length: 28906
x-amz-id-2: U9IOqSvIxKVOvf2mwVfn7dqgdO+u2ROMEl3SvKi1pqCbXgQWfq5nhUY4odO1iX5QIHBSQwh+37g=
x-served-by: cache-fra19125-FRA
last-modified: Wed, 22 Sep 2021 14:27:55 GMT
server: AmazonS3
x-timer: S1632341910.034334,VS0,VE0
date: Wed, 22 Sep 2021 20:18:30 GMT
vary: Accept-Encoding
x-amz-request-id: RW24413XS7QZ6PGV
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 79
x-cache-hits: 273

GET lY8uLpdZuiM
www.youtube.com/embed/ Frame 9D69 0
0

GET fontawesome-webfont.woff
onpointpublishing.com/template/fonts/ 0
0

GET
H2 200 lY8uLpdZuiM Show response
www.youtube.com/embed/ Frame 2FC2 56 KB
25 KB 53ms
53ms Document
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1

Requested by

Host: onpointpublishing.com
URL: https://onpointpublishing.com/template/js/plugins.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c3280ca5d2a4e13b5c5be308521eed9ab320898e6be91047a3a103ae5f6d194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/lY8uLpdZuiM?modestbranding=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bg.onpointpublishing.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 22 Sep 2021 20:18:30 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=gjW6oK9qW7k; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=BDGYH6Uaxus; Domain=.youtube.com; Expires=Mon, 21-Mar-2022 20:18:30 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+088; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 impl.20210922-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ 528 KB
117 KB 7ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210922-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dominip-usd-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 89415187dc8fa00e52f6bd5c57dc3ddb3a479991a774aa18edde206c14ce6295

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: gbUvz9XKlYSnpjRSWvhbUajUNd4g64ur
content-encoding: br
etag: "a921aa227b4c98aa69c1a323fef27e29"
age: 9091
x-cache: HIT
content-length: 119526
x-amz-id-2: aDVi31IIM2zOSv5Xz0O3RK8EIHIlFZeeeUqkfrkoaV/K9Jm+nS724UZq1tCRO3zQml3AH5abINs=
x-served-by: cache-fra19125-FRA
last-modified: Wed, 22 Sep 2021 09:46:00 GMT
server: AmazonS3-br
x-timer: S1632341910.109005,VS0,VE0
date: Wed, 22 Sep 2021 20:18:30 GMT
vary: Accept-Encoding
x-amz-request-id: WHMRPR9F8VSXF00X
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 15
x-cache-hits: 41231

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 47 KB
18 KB 21ms
6ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: a802da1fed23cd109b20c06543b8d61b71ee03ed2ba569f1ff017e30f4212710

Request headers

Referer: https://bg.onpointpublishing.com/
Origin: https://bg.onpointpublishing.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
last-modified: Sun, 19 Sep 2021 20:24:24 GMT
server: nginx/1.18.0
etag: W/"61479c78-bb35"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 22 Sep 2021 21:18:30 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame F9AC 319 KB
103 KB 7ms
7ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fbg.onpointpublishing.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://bg.onpointpublishing.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 771535
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 22 Sep 2021 20:18:30 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6724)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET fontawesome-webfont.ttf
onpointpublishing.com/template/fonts/ 0
0

GET
H2 200 json Show response
trc.taboola.com/dominip-usd-onpointpublishingcom/trc/3/ 9 KB
4 KB 214ms
193ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/dominip-usd-onpointpublishingcom/trc/3/json?tim=20%3A18%3A30.183&lti=deflated&data=%7B%22id%22%3A143%2C%22ii%22%3A%22%2Fwomans-masturbation-guide%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1632320873378%2C%22vi%22%3A1632341910181%2C%22cv%22%3A%2220210922-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fbg.onpointpublishing.com%2Fwomans-masturbation-guide%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6183%2C%22nsid%22%3A%22dominip-usd-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Apub%3Ddominip-usd-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A5703.96875%2C%22mw%22%3A743.453125%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fwomans-masturbation-guide%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Apub%3Ddominip-usd-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210922-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 388434400a9fb7bc28c3dc7e9394e3b0a208a9b275b7116429f4390b101e9c6c

Request headers

Referer: https://bg.onpointpublishing.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 187
date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
server: nginx
x-timer: S1632341910.209960,VS0,VE187
x-served-by: cache-fra19125-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://bg.onpointpublishing.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 4597 Show response
na.nawpush.com/tags/ 479 B
462 B 54ms
7ms XHR
text/plain 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/4597
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: ba75435e8fa054bd6560f26b95da7c6617ca171631a07e2f23eddd654c5f13f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Sep 2021 20:18:30 GMT
cache-control: max-age=300, public
content-type: text/plain; charset=utf-8
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
vasgenerete.site/npc/sdk/ 0
239 B 45ms
9ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vasgenerete.site/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
last-modified: Wed, 04 Aug 2021 11:35:07 GMT
server: nginx/1.18.0
etag: "610a7b6b-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 22 Sep 2021 21:18:30 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/202721c6/ Frame 2FC2 329 KB
45 KB 15ms
13ms Stylesheet
text/css 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/202721c6/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c548c151337a815c681c21526d74a2a18d333af03de18c3416b7ecbec5efa49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:44:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46356
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:16:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Sep 2022 15:44:18 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/202721c6/www-embed-player.vflset/ Frame 2FC2 201 KB
66 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/202721c6/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d246d268ccbb30f7aadd23581fb30e4e790b9570fe1906c8ecbaa451427dc283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 14:35:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67318
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:16:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 22 Sep 2022 14:35:43 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame 2FC2 2 MB
505 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fc4119bc1cbfb84c3decc599049a609d37530c85c6272d2babb5e6f8aea51d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:44:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 517198
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:16:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Sep 2022 15:44:53 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/202721c6/fetch-polyfill.vflset/ Frame 2FC2 8 KB
3 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/202721c6/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:46:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27100
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:16:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 22 Sep 2022 12:46:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2FC2 15 KB
15 KB 32ms
5ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 174017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 19:58:13 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F9AC 232 B
431 B 188ms
172ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=0dc1a04b1cfc68190ff30281799202f013ee9934

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fbg.onpointpublishing.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:29 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 20:18:30 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: c62ca581a31282e595b7f14e51c05eab58ea0e564f1bcf97bf5544529ff655ac
content-length: 166

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 73 KB
25 KB 41ms
19ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

53b359e15f0cd877e316e6d904acb525be66284cf165ea2268f799ff621404ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "995 / 330 of 1000 / last-modified: 1632309426"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25040
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 Sep 2021 20:18:30 GMT

GET
H2 200 prebid5.2.0.js Show response
get.optad360.io/sf/ 437 KB
135 KB 8ms
7ms Script
application/javascript 2600:9000:21f3:e000:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.2.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a923230515fe265da1f93fcd02d41e37ef4e6bc157358768313d7cb9e5efb7a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 14:25:49 GMT
content-encoding: gzip
last-modified: Fri, 25 Jun 2021 12:08:33 GMT
server: AmazonS3
age: 1317162
etag: W/"3f120fb160292782175c18b2de386caf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: WozBu5M8Dpl0c9NRjvQ4-d51R6mWflFC3meD5anuxHTYyjh69erS3w==

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 2FC2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
470 B

17ms
16ms

XHR
application/json

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

584297e6d4c72078e129654362a9a7d2ee3141a1d68e396107f42cd363f2b320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Sep 2021 20:18:30 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2FC2 29 B
424 B 32ms
6ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:12:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 332
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Wed, 22 Sep 2021 20:27:58 GMT

GET
H2 200 push.m.js Show response
js.wpshsdk.com/npc/sdk/ 54 KB
20 KB 39ms
7ms Script
application/javascript 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpshsdk.com/npc/sdk/push.m.js?v=1
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4720daad8daba83ee3b0e5e453f6b9d6d021b2ed5ef662c7dd801998c133b96d

Request headers

Referer: https://bg.onpointpublishing.com/
Origin: https://bg.onpointpublishing.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 08:34:55 GMT
server: nginx/1.18.0
etag: W/"612f3b2f-d82f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 22 Sep 2021 21:18:30 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 8 KB
3 KB 39ms
6ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 06:06:24 GMT
server: nginx/1.18.0
etag: W/"61233ae0-1e8b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 22 Sep 2021 21:18:30 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 remote.js Show response
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame 2FC2 95 KB
29 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

375ed48cd9e95d6226f860a4e264e95d284f7f2e1afd3e273a487b523a4667b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29973
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:16:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Sep 2022 15:44:54 GMT

GET
H2 200 x4Qi3fPOn5xqwkHtmeAvR47DUyjj2eAJu6nrkVefGdI.js Show response
www.google.com/js/th/ Frame 2FC2 34 KB
14 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/x4Qi3fPOn5xqwkHtmeAvR47DUyjj2eAJu6nrkVefGdI.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c78422ddf3ce9f9c6ac241ed99e02f478ec35328e3d9e009bba9eb91579f19d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 14:19:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13230
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:30:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 22 Sep 2022 14:19:19 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/ Frame 2FC2 25 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fc0154a9a3bb9f72d51c7dc2438412bf3e5b7fd637af7947d78ba3260e20d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7353
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 00:16:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 20 Sep 2022 15:44:54 GMT

GET
DATA 200
OK truncated
/ Frame 2FC2 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLTJYwotISLui7xQr2NABs9x8dxg3nyxRcvSK_RWnw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2FC2 5 KB
6 KB 30ms
7ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLTJYwotISLui7xQr2NABs9x8dxg3nyxRcvSK_RWnw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e75aeb6e02450b64e65a159d15de0dbcaebeb5f2c1874c3e1f6b2b4dfa5ebecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:29:22 GMT
x-content-type-options: nosniff
age: 13748
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5624
x-xss-protection: 0
server: fife
etag: "v117"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 06 Sep 2021 06:51:45 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/lY8uLpdZuiM/ Frame 2FC2 50 KB
50 KB 77ms
55ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/lY8uLpdZuiM/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ead2196501a872207bc9d488eac18dacfcce8d2e9d14ce9ef69f75ef83780227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50976
x-xss-protection: 0
server: sffe
etag: "1602276494"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 22 Sep 2021 22:18:30 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2FC2 10 KB
10 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:14:50 GMT
x-content-type-options: nosniff
age: 191020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 15:14:50 GMT

GET
H2 200 tfa-eid.20210922-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 7ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210922-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dominip-usd-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de68552421265980f728f7b8a5259de8a42d740ea2dab9d06fb1d2052f3f0227

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: TImexuDHYHtNk_cJIm.fmMLQoSz5YC1X
content-encoding: gzip
etag: "da1fd45dd6f1518df36d9967d90c1e67"
age: 74
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5061
x-amz-id-2: PBk202CPDsDszzIyl/CoYeqe6V7UKzu5hCVRsc+h5Q7r6x479ORNolQ6nU9wzyzhPLaGhuPNHO0=
x-served-by: cache-fra19125-FRA
last-modified: Wed, 22 Sep 2021 09:58:54 GMT
server: AmazonS3
x-timer: S1632341910.496774,VS0,VE0
date: Wed, 22 Sep 2021 20:18:30 GMT
vary: Accept-Encoding
x-amz-request-id: DAPTDZCTRFCM5T1S
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 15
x-cache-hits: 337

GET
H2 200 sha256.20210922-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 7ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210922-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dominip-usd-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2300a2f9de065fa8f1e2b000b96ba68a7842fb2124836521de0993dd2619a603

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: WTvh_AkBdbtz.KE4t8G8rgoULWmKLIlJ
content-encoding: gzip
etag: "ea3548a7a4ca21061bd5628a7b3543d1"
age: 32
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2589
x-amz-id-2: lgJryqnDwX/xd++6BlJZKd+cTTIVcCToehgFJFurJ/drI6mJRnTQssGDQhthlrqor4e+W36HPGU=
x-served-by: cache-fra19125-FRA
last-modified: Wed, 22 Sep 2021 10:00:04 GMT
server: AmazonS3
x-timer: S1632341910.496871,VS0,VE0
date: Wed, 22 Sep 2021 20:18:30 GMT
vary: Accept-Encoding
x-amz-request-id: S7HN5R6A9B9ZDQSG
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 15
x-cache-hits: 148

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/dominip-usd-network/ 181 KB
29 KB 20ms
6ms Fetch
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/dominip-usd-network/loader.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210922-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e0944e7a05c46874c070b1f110e6b6ae2fea5ba0c07919c983616ee2311a7e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: nLq6bj.EeOqroVDtLa5ql2Ia1CvPSG_a
content-encoding: gzip
etag: "a8c1818658ee0381850d490879f33ef0"
age: 20957
x-cache: HIT
content-length: 28906
x-amz-id-2: U9IOqSvIxKVOvf2mwVfn7dqgdO+u2ROMEl3SvKi1pqCbXgQWfq5nhUY4odO1iX5QIHBSQwh+37g=
x-served-by: cache-fra19140-FRA
last-modified: Wed, 22 Sep 2021 14:27:55 GMT
server: AmazonS3
x-timer: S1632341911.511740,VS0,VE0
date: Wed, 22 Sep 2021 20:18:30 GMT
vary: Accept-Encoding
x-amz-request-id: RW24413XS7QZ6PGV
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 79
x-cache-hits: 266

GET
H2 200 userx.20210922-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
5 KB 7ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210922-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/dominip-usd-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65407d82aac3293464fc6f9afff84e21727605331785c8d999ec06de3b0cd669

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: dCNniGOjN03IUk2tY.QzOu2bCVFgqQeO
content-encoding: gzip
etag: "5ae9a617d0957b1ef0eced41f0f33393"
age: 115
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5341
x-amz-id-2: LPpZ+rDUzZCK8uzgeePRqt0ARdBSAiSYCrmBP0+vt4+HJDUJuL3t6lbHg5GoK00IwzQXZrSLh5s=
x-served-by: cache-fra19125-FRA
last-modified: Wed, 22 Sep 2021 09:58:10 GMT
server: AmazonS3
x-timer: S1632341911.513833,VS0,VE0
date: Wed, 22 Sep 2021 20:18:30 GMT
vary: Accept-Encoding
x-amz-request-id: K6S472EEH9MTPE0J
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 15
x-cache-hits: 60

GET
H2 200 pubads_impl_2021091501.js Show response
securepubads.g.doubleclick.net/gpt/ 334 KB
117 KB 17ms
16ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

52c41152c7916b4cf3b3a90f790faa0ba7f746603671e286531bc50407d844ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119151
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 08:39:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 Sep 2021 20:18:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 87 B
107 B 32ms
16ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bg.onpointpublishing.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

7e73f6788179424a7cc23fbb8702451c4fbe2fd2fedc0e5537859a47f61990d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Wed, 22 Sep 2021 20:18:30 GMT

GET
H2 200 71edb542c6d1404e27c336a390892366.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 15 KB
15 KB 9ms
8ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/71edb542c6d1404e27c336a390892366.jpg
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cfa68ca86160bf2554b971a0c831241f437613c9719ce49e8553d5b768150350

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Sep 2021 20:18:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 552646
edge-cache-tag: 542782910977221810095166809710991530062,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 80
expiration: expiry-date="Sat, 09 Oct 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/71edb542c6d1404e27c336a390892366.jpg
content-length: 15044
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Wed, 08 Sep 2021 11:13:59 GMT
server: nginx
x-timer: S1632341911.589286,VS0,VE1
etag: "3466a2b1bf702babd43228fae0f193f4"
x-served-by: cache-wdc5563-WDC, cache-dca17754-DCA, cache-fra19125-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 best-erotic-stories-read-online.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//onpointpublishing.com/img/sex/53/ 7 KB
7 KB 9ms
8ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//onpointpublishing.com/img/sex/53/best-erotic-stories-read-online.jpg
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a0e923950e195b355bf371207a6f78e007f5a52d3b632847940026f10b500779

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Sep 2021 20:18:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 15757
edge-cache-tag: 523799905176188966924831380277006529434,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 329
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//onpointpublishing.com/img/sex/53/best-erotic-stories-read-online.jpg
content-length: 6872
x-request-id: fb762049814c21e220f7b8b728afc9e4
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Wed, 22 Sep 2021 15:45:21 GMT
server: nginx
x-timer: S1632341911.589379,VS0,VE1
etag: "0584728e3cc3f012ec57fb63fe31681d"
x-served-by: cache-wdc5574-WDC, cache-dca17766-DCA, cache-fra19125-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 EaFGRazWAAIaCVZ-1000x600.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cakehd.com/wp-content/uploads/2021/03/ 4 KB
5 KB 8ms
7ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cakehd.com/wp-content/uploads/2021/03/EaFGRazWAAIaCVZ-1000x600.jpg
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 15f044325e8f1d2960c2af2fed3ab540b9bc06baaa1b85bcc980c1e3a505a0c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Sep 2021 20:18:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 2140062
edge-cache-tag: 597902281394275814250131249929575084921,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 32
expiration: expiry-date="Sun, 19 Sep 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cakehd.com/wp-content/uploads/2021/03/EaFGRazWAAIaCVZ-1000x600.jpg
content-length: 4404
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified: Thu, 19 Aug 2021 07:01:27 GMT
server: nginx
x-timer: S1632341911.589390,VS0,VE1
etag: "39e490d80ff7d26ba98c31ebb8ae6f12"
x-served-by: cache-wdc5539-WDC, cache-dca17746-DCA, cache-fra19125-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 5-cheating-wives-explain-why-women-cheat-their-husbands.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//onpointpublishing.com/img/heartbreak/62/ 9 KB
10 KB 9ms
8ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//onpointpublishing.com/img/heartbreak/62/5-cheating-wives-explain-why-women-cheat-their-husbands.jpg
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ac09a4fc5a3e728500efae5b1e073a487dda8ca63098843ae6bf727292b5c21a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Sep 2021 20:18:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 20255
edge-cache-tag: 551693139145961047666216319654897905537,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 227
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//onpointpublishing.com/img/heartbreak/62/5-cheating-wives-explain-why-women-cheat-their-husbands.jpg
content-length: 9288
x-request-id: bb4c287e5f771865484668a8b3d35872
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Wed, 22 Sep 2021 14:37:39 GMT
server: nginx
x-timer: S1632341911.589594,VS0,VE1
etag: "e3b2ce43ade813dfb4175c9417495a42"
x-served-by: cache-wdc5540-WDC, cache-dca17734-DCA, cache-fra19125-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 Gymnastics_Fitness_Legs_Stretch_exercise_Pose_594482_4160x2600.jpg
images.taboola.com/taboola/image/fetch/h_250,w_300,c_fill,g_xy_center,x_2080,y_1337/https%3A//s1.1zoom.me/big3/846/ 7 KB
8 KB 11ms
11ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_250,w_300,c_fill,g_xy_center,x_2080,y_1337/https%3A//s1.1zoom.me/big3/846/Gymnastics_Fitness_Legs_Stretch_exercise_Pose_594482_4160x2600.jpg
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a2be0acd831cfe9dacc6664a3a09a47adbf54c5ba09ba167a9fb4ec2cda61b19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Sep 2021 20:18:30 GMT
via: 1.1 varnish, 1.1 varnish
age: 1752459
edge-cache-tag: 443412063638866619596787370393479741299,361797520699625335506336700756331496894,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 21
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/h_250,w_300,c_fill,g_xy_center,x_2080,y_1337/https%3A//s1.1zoom.me/big3/846/Gymnastics_Fitness_Legs_Stretch_exercise_Pose_594482_4160x2600.jpg
content-length: 7670
x-request-id: 2a8f500c67692744e92c016ae46ed621
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified: Thu, 19 Aug 2021 18:37:53 GMT
server: nginx
x-timer: S1632341911.589620,VS0,VE1
etag: "a648a7979a362a96628a98a1bd5dc989"
x-served-by: cache-wdc5573-WDC, cache-dca17744-DCA, cache-fra19125-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 50-best-romantic-love-song-lyrics-share-with-your-love.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//onpointpublishing.com/img/quotes/10/ 8 KB
9 KB 9ms
9ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//onpointpublishing.com/img/quotes/10/50-best-romantic-love-song-lyrics-share-with-your-love.jpg
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d54369c696c2898cbca2c1ebcf4594d0087679906c3741db1becdf452c983194

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 22 Sep 2021 20:18:30 GMT
via: 1.1 varnish
age: 8352
edge-cache-tag: 383676682499352398322645769601892215243,382462852265061629683480083300601098295,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-envoy-upstream-service-time: 92
x-cache: HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_250%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//onpointpublishing.com/img/quotes/10/50-best-romantic-love-song-lyrics-share-with-your-love.jpg
content-length: 8632
x-request-id: 6be6e36582c1767d0d6b2fd82081754a
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Wed, 22 Sep 2021 17:55:30 GMT
server: nginx
x-timer: S1632341911.589685,VS0,VE1
etag: "81dc27805ad49fec9ccf4222e59702d2"
x-served-by: cache-wdc5538-WDC, cache-fra19125-FRA
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 54ms
12ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210922

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.2.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0056fc70e9e9ef6b04d00a0efc1fec72609bfbe74c1e26c447562dc735961288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bg.onpointpublishing.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 17401
x-jsd-version: 1.0.1108
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 844
etag: W/"695-AbH7hrEzIyBCXMXtoWbffudOrPk"
x-served-by: cache-fra19155-FRA
x-jsd-version-type: version
date: Wed, 22 Sep 2021 20:18:30 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
717 B 57ms
13ms Script
application/javascript 2606:4700::6812:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.2.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 09 Sep 2021 12:35:55 GMT
server: cloudflare
age: 324471
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 692e390d9ea4693d-FRA
x-amz-request-id: TD3DS9YZ8440AKDY
x-amz-id-2: M2Q7mY6rdpzXw/sL0fa+n0BFIJ9kCQCZ5Pu3Nfv1fXbLplIOJnLEBWCmKKKxSvug0l8dkcZHDP0=
expires: Wed, 22 Sep 2021 20:48:30 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.onpointpublishing.com%2F&domain=bg.onpointpublishing.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=F9Y7sHx4eTFBd2NQeTByd0VtMGZvQlRuUUpBSWtNY1NlNW54QndxbVFZd2RUb1RCa3BJTSsyOHdBOHRhTFhBcTlqZHY3TVB1Y1Z1VFo2L1VrQzhCbCtnYk1ST2s3ZHZUZGpBUTNjaVllcUwvMXJrb0N3S0VDdnIyOUhzdH...

379 B
625 B

38ms
14ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=F9Y7sHx4eTFBd2NQeTByd0VtMGZvQlRuUUpBSWtNY1NlNW54QndxbVFZd2RUb1RCa3BJTSsyOHdBOHRhTFhBcTlqZHY3TVB1Y1Z1VFo2L1VrQzhCbCtnYk1ST2s3ZHZUZGpBUTNjaVllcUwvMXJrb0N3S0VDdnIyOUhzdHZBS3g3bktZbEdKN0NiQUVPY3JtZG00R2NyQmVxUy9XQTZrYWgwbDR6aWVwWEtmQ2xKZjQxSDE4S1dPQU1jVkx6UVo2SkNCNFl2WGZaTktiS3J2TW5jZFk4b2ttRmJBZVVTM1dvalZiUkN4SDZHbkhlSVBVaE9vSC9NK3kraWloZEpGNEJnY1ZrfA&cppv=2

Requested by

Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

70e05dc4158dd9c1b66fd86cae9f774f1b12085180ce4569b9a2e4d1b95b7f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 22 Sep 2021 20:18:30 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2251
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 22 Sep 2021 20:18:30 GMT
location: https://mug.criteo.com/sid?cpp=F9Y7sHx4eTFBd2NQeTByd0VtMGZvQlRuUUpBSWtNY1NlNW54QndxbVFZd2RUb1RCa3BJTSsyOHdBOHRhTFhBcTlqZHY3TVB1Y1Z1VFo2L1VrQzhCbCtnYk1ST2s3ZHZUZGpBUTNjaVllcUwvMXJrb0N3S0VDdnIyOUhzdHZBS3g3bktZbEdKN0NiQUVPY3JtZG00R2NyQmVxUy9XQTZrYWgwbDR6aWVwWEtmQ2xKZjQxSDE4S1dPQU1jVkx6UVo2SkNCNFl2WGZaTktiS3J2TW5jZFk4b2ttRmJBZVVTM1dvalZiUkN4SDZHbkhlSVBVaE9vSC9NK3kraWloZEpGNEJnY1ZrfA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bg.onpointpublishing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1908
content-length: 509
expires: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
186 B 53ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.2.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bg.onpointpublishing.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.onpointpublishing.com
date: Wed, 22 Sep 2021 20:18:30 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
414 B 137ms
77ms XHR
text/plain 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.2.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bg.onpointpublishing.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:30 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://bg.onpointpublishing.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
253 B 340ms
157ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.2.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bg.onpointpublishing.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.onpointpublishing.com
date: Wed, 22 Sep 2021 20:18:30 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 72
vary: origin, Accept-Encoding

POST
H2 200 c Show response
prebid.a-mo.net/a/ 861 B
790 B 309ms
127ms XHR
application/json 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.2.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: f8aaf85139277e9bee632085d5612150f07941077d0483cfbeae790c0bbc880d

Request headers

Referer: https://bg.onpointpublishing.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bg.onpointpublishing.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 43
content-length: 355

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
413 B 141ms
80ms XHR
text/plain 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.2.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bg.onpointpublishing.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:30 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://bg.onpointpublishing.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
186 B 48ms
13ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.2.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bg.onpointpublishing.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.onpointpublishing.com
date: Wed, 22 Sep 2021 20:18:30 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 75ms
25ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.onpointpublishing.com%2F&domain=bg.onpointpublishing.com&cw=1&lsw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://bg.onpointpublishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://bg.onpointpublishing.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1701
date: Wed, 22 Sep 2021 20:18:29 GMT
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 106ms
30ms Preflight 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bg.onpointpublishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 22 Sep 2021 20:18:30 GMT
content-length: 0
cache-control: private
access-control-allow-origin: https://bg.onpointpublishing.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age: 86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 103ms
29ms Preflight 37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bg.onpointpublishing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 22 Sep 2021 20:18:30 GMT
content-length: 0
cache-control: private
access-control-allow-origin: https://bg.onpointpublishing.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age: 86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2FC2 4 KB
3 KB 39ms
14ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Wed, 22 Sep 2021 20:18:30 GMT

GET
H2 204 generate_204
www.youtube.com/ Frame 2FC2 0
39 B 9ms
8ms Image
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?4pjdeg
Requested by: Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/93/ Frame 2FC2 52 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/93/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7a0b5f26abc2ee8452715addae1516723a88843bfb0a8b80537f4c334caf22d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 21:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83563
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15359
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 15:09:13 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Wed, 22 Sep 2021 21:05:47 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 37ms
22ms Fetch
application/javascript 2606:4700::6812:ea1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ea1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13b828524033b9a73c68df3bf063d050d264b970d6292f5a177f885a27e6792

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 1144556
x-amz-request-id: 1VAFC30XH0XAV398
x-amz-id-2: xmNSNv4Ehq76wHmxy6f1OxijWkQRR4g98iSNq4N6d4jqkFZUw5UNUMBVFuKKWV+EdEgWAWEVs2o=
last-modified: Thu, 09 Sep 2021 12:35:54 GMT
server: cloudflare
etag: W/"80a6d470c029b1acfca7d8abeb00b240"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 692e390e3ac04eeb-FRA
expires: Wed, 22 Sep 2021 20:48:30 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 66ms
12ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 982
date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 40ms
17ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bg.onpointpublishing.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 39ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bg.onpointpublishing.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 223ms
222ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=995622837883750&correlator=2278771207442582&output=ldjh&impl=fif&eid=31062888%2C31062903%2C44750894&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210922&iu_parts=121764058%2Ccelebs-networth.com%2Ccelebs-networth.com_stat_S3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C750x200%7C750x300&cookie_enabled=1&bc=31&abxe=1&lmt=1632341910&dt=1632341910954&dlt=1632341909913&idt=844&frm=20&biw=1600&bih=1200&oid=3&adxs=306&adys=1032&adks=1383691803&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.onpointpublishing.com%2Fwomans-masturbation-guide&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=728x0&ga_vid=1511290728.1632341911&ga_sid=1632341911&ga_hid=1187051723&ga_fc=false&fws=644&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

f3a9b2cd12147ecf9ab7990159384de752ad30fb5760d6dc0988c95f5e73d886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9354
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bg.onpointpublishing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FC21 6 KB
4 KB 59ms
15ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bg.onpointpublishing.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 22 Sep 2021 20:18:31 GMT
expires: Thu, 22 Sep 2022 20:18:31 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 styles.css
js.wpshsdk.com/npc/sdk/push/ 2 KB
1 KB 21ms
6ms Stylesheet
text/css 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpshsdk.com/npc/sdk/push/styles.css
Requested by: Host: js.wpshsdk.com
URL: https://js.wpshsdk.com/npc/sdk/push.m.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 1530691d7096753c4a33ff3d11be983fbec896774cffe9a3555c2c81e6f18906

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:30 GMT
content-encoding: gzip
last-modified: Thu, 16 Jul 2020 20:33:19 GMT
server: nginx/1.18.0
etag: W/"5f10b98f-843"
content-type: text/css
access-control-allow-origin: *
expires: Wed, 22 Sep 2021 21:18:30 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 subscription-offers
notification.tubecup.net/in/ 0
49 B 39ms
3ms Image
text/plain 88.198.186.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2Fbg.onpointpublishing.com%2Fwomans-masturbation-guide&tcid=0&spot_id=2185&site=tcpublisher&source_id=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.198.186.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-198-186-100.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:31 GMT
content-length: 0
server: nginx/1.18.0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 79 KB
31 KB 403ms
402ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=995622837883750&correlator=2278771207442582&output=ldjh&impl=fif&eid=31062888%2C31062903%2C44750894&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210922&iu_parts=121764058%2Ccelebs-networth.com%2Ccelebs-networth.com_SF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&cookie_enabled=1&bc=31&abxe=1&lmt=1632341910&dt=1632341910972&dlt=1632341909913&idt=844&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1200&adks=2997148638&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.onpointpublishing.com%2Fwomans-masturbation-guide&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&ga_vid=1511290728.1632341911&ga_sid=1632341911&ga_hid=1187051723&ga_fc=false&fws=640&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a928d62cc973a65b9d5bf32000aa23b65e9d510931c8708f48ac870ff0d46142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31700
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bg.onpointpublishing.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F9F2 6 KB
3 KB 308ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bg.onpointpublishing.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 22 Sep 2021 20:18:31 GMT
expires: Thu, 22 Sep 2022 20:18:31 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 44ms
22ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1632137829538267"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 22 Sep 2021 20:18:31 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 41ms
19ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021091501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08bc8be0b0f515e23093593d38aa82e4f71aed106d011d70ff1d206c45d9ad68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 22 Sep 2021 20:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8472
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 22 Sep 2021 20:18:31 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A56B 12 KB
5 KB 307ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bg.onpointpublishing.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 22 Sep 2021 18:47:26 GMT
expires: Thu, 22 Sep 2022 18:47:26 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8736 783 B
988 B 56ms
55ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

26ab4ca42037367230d71916b5b2e877ac52b18a3860736369d6e5b32fa178c3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CuTwJvzTBO//ghHDBJcKUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bg.onpointpublishing.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 22 Sep 2021 20:18:31 GMT
date: Wed, 22 Sep 2021 20:18:31 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-CuTwJvzTBO//ghHDBJcKUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8736 0
0 50ms
30ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021091501&jk=995622837883750&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 container.html Show response
005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AE2E 6 KB
3 KB 122ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bg.onpointpublishing.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 22 Sep 2021 20:18:31 GMT
expires: Thu, 22 Sep 2022 20:18:31 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F97C 624 B
350 B 19ms
18ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQsqfrAhje9Z2zATAB&v=APEucNVDuz_XCbvaOnQ6YTj8R5uou-YnzCoGESxRMEBLVLkJdldCl7qKQEORzu9rAovw9y3zqKpGgub7Ute_2nlq_nUqiozdHFqjlM8hyrHKDUZsX-xAAHmtYDXlF37rBwHQ1S2OcbfaLjfG0U4w2gsm5pXPUCNCJLD826B6ewI51rbBmy4l4v1-dl7apMq85KwYEaEox8r_udfcNp9BRH2VpgC4lS3V1w

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CKCm6AIQsqfrAhje9Z2zATAB&v=APEucNVDuz_XCbvaOnQ6YTj8R5uou-YnzCoGESxRMEBLVLkJdldCl7qKQEORzu9rAovw9y3zqKpGgub7Ute_2nlq_nUqiozdHFqjlM8hyrHKDUZsX-xAAHmtYDXlF37rBwHQ1S2OcbfaLjfG0U4w2gsm5pXPUCNCJLD826B6ewI51rbBmy4l4v1-dl7apMq85KwYEaEox8r_udfcNp9BRH2VpgC4lS3V1w
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkU9nLVXR-bj5dlXluIEcrBYOpHRLId6E9ye6iVlNNWRIy4m4d0aB3e9pji
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 22 Sep 2021 20:18:31 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F9F2 71 KB
28 KB 48ms
48ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4PataYp74R1m01gBQY0GYBYV573tJHTVEEOGetqZ782RsxvC3-bwOj89mEPZTn00BHycrojDPF-f8xVm5dW2NsZR-gYh2XtuKEsIsP92_bktU03-9ihFcC6_d94UZ7kv-01Ch1EW5M49TLswUpMkmjX8P1w&dbm_d=AKAmf-CTCuLSIq3n4P9iGCk4CVqrUfLDUlxRZBldLRX5U8Z9CnG0bjBWI80iANiHEbk6miUtQSwClk_bbu4nXIfqIZWmtPUgQ5ZgVu_oKVC_uRTjPSw50vF_WOtgFoVOq4hs-ZzU_ZQigEOEcjfUzZmlF9CpP_0M5Ijv4FF0F_D0pLwSll4GCv5FnnfFdwdH-uNqZnlsDv7x74ScdHlvEB7jbBQTtEd2tbBlSLer-b37Bi2v5G8eLqA1M3g3-lONt0sx_FHXVQCAXW3l9nDbqnOZYhSANIyG5s7bjx0sU-QRq85mA6SFfzM-wmLueene6e11YzVjSoHkTXNHvYcdUQ6vv2gk3DwxtBuAlRf6UCbzHcG7jWmqqB12T--6CnwagYj34uhxhGce-hqDr8UMQ6zaQq3NnIPcIpLyqH4cLEwFj3wDvwKuCxUBJmHifkmudviV_LmReHgpzGYxKnYnmXkAKCwTjV4TPDRW4xdx8_P05bZ2rekdPrkmop5daz0tZ5zaSLUpXyIw4KXRfMHDguivZR7Cp6lN14w-nuPbku8gENftvonwSLlo8khR0DHZh0kHBOn0Qm48YNzZKw4jB3-S_xqVh40vBDpok-uNKQWOgIEYWdb1IGCBe_q4kP4wqWC2fHj32yhOOM33h6TBVV-YJLlmQHTsKq4csvLZ72sOVe0M2Qgsn5y80_s8vj7cNkxGVRjnbpLbo3-ig5qoYEXEepdyzhH9MnI56d4-UzCH9qhuDybQLN9O-Lt_ElgKS6-TmkA-xhdR-JyQHOTxGn7aOmY6jE4j6HBAOjXOx3JVMjYt76NI2WLIfZVvWkayeXOCqpntsWJXZRHwsaIVzB8CGSEqfp8AMuAPRM5KwMzzPqgE_8cchMcE0ZwPZDQDNPV2kakc7bK_JAasUj2I8J7V08zkCKUiEmqJNAaSgBCI7r9taF7zv-0J4UQWYX74K_yZCf3Qa9I3CnKVXUegBPXMntioDqRgzej6PW00H-YK7-naHODla1Bpxl-ThiQWzD2X4gljOfaeIBOek8OkYRv6MfE--ScI1mnEfQPA-nmDIwZFY8uOMqId07lHneDd-SCq8MfNXxc2m4OdmaqlpI83auPgpM61iNhkQ466THKfvx5nHKnqRbm1JWILqbieZnElWi1p4R9rAlYGzgkithu7POJ_UQCnsqBYump-bfnjTVJWSG9MilqZylMSWYxVwDKagT4rgaMEe_bsiL5uBv7OUbS08wytBkQ78AjGSJgZVwG4M4S59-pFEc_D0f7HsFIWmmh30knJZZUngpYR8RZhFOYVViyw2yr_p5QzZXhtHoCCtBjX2hhfkeja6W6cjfCTBMdT273IoTUBFjfyTqNEM0hy3dwS1tWDKAsb3eUhxF5BCIdRn4DxgY27L7y5pyuHuL2z9Z7_ytZgynMeI0x3FSeOBd-gOZnRKPCflG-TrFoeEWutzgug0UCQ7gNNnmc1UjOZ-spe1-BpntObB9-eXYJFxEBP5VWkMtZdFGef6j-LPJyvu_2pzPidLTCQcTw_-x4nwGWoDdJHDXPn5Wl77oMF-rWaZrHAhZyZENL_PF8QehUnWtLElwF4pdcvjLpA1W-CX9NxdwTXjAXyMncOVfC8aB58iGkk3WmOVKBx8d9e81tDHOzIU_Di1_1lQSKGHKuvlVSTdgwQvqWjXl_cu3ss8nnASeigkf9aeB78rqMsnHl37onchMHMOFmIshqZcX6AkGo9rQEZSg0Pofz4GETogYu9X8hpwfiw9X4W2L91hNo57TQ_6ag_skkwRMmNjIfm4ZzBdzxwpAhcCmTHAjpGiHSpxDclEYrIjpZT7vDCbvrqBD7vKBUj1uQh-D3zetVIYOQvUTQERo9JvdGHKi4D1TpaRKP4N12GFRW_e7X4YUL_cR91Vr1HlzFSS-zxxv6CJ0qZdHxZ7bL1ohBghkIc2MX4iuAmIIUwZNkcT5_xNLxzSDn-CtzSpuCL6YWKOAcRAtZNqvJE73lPlbFbVUvw30AFSGuCZPrfCQruBmIpXhWNPSyD8jTBnE5LxAjjlFbSVj3xbh21VZhCEa--KCkaOcNU2oP5xZax-cgFb9gepjUgzIpfidVSGt1MCZz516LrInbfyAb9Y280COQlm8YtSq2HNp2ULOwBiod6IbOKlf2beFqeU7Z6B74d6un8l3o5Euo27IG0MYxhyqQBPes0dgrc1R6bii3LwHEK4aBPdap25-qlLF0oO9iY-WnAd--VUlb6HVlwq_yPXZB6dHDm-9LPK01IAPrBkoYyyqv5fBDOarhNWzHARYVqL5nCUUXoq0k28V98AFjYVjS6uOG8MlS_GJHaWtCYTCgOn6vtFN76PDKJ5n3lVuAsPicGBbCmGxZeMkea_2L_4QwwICmSX7VswXSxJ1c79RD8tooB-8umvNH4x9Isw12Sje3NdYJu1js8o1djFJZkm4T4EkeYTG00h_zsCRBFA9MGvVnAEFxuBjDm04BqMcItvJm48t8b5ntc78sQipXXrdxITsaIONIneGMbmt6QwbJZHcqdhTYYH7FJEQdEtbzT7Q3PInoFFpYLjU8BnOV8LvS33EaPOcaqdioil0h4fjRW2ViisW9vcJM8wuXsafqfVnSetO1q4gl16LZVpgx86gTfsCFbzQX4KVBK8inm8VjPrCguOk0g4jvnkL_QhpHHyEp8zTIBf_JMu0_GdTepPFzF8tcHlV44Umx18IU3t5SABX8Ei1XmbX2gLsrj4BMoTPWxiTIzXJva5iivUoZ9N7QtbdcIzi0nWNu38Sh2XE7qkeOLSGuwxgUHwo790cFXWzjUDr5tSmqP4NtMh9ggbEtjs3-Yi6jogmTyg-in5Ri5AjmAk4U32CdPUQP2CbYn-8FFSrOn2z50GZRyIfQNpMHHlniIn1UrTKcwq9khf9AmFR_F5r72Xmlv7OxiWlo4_e56kJKFxOfLlygUToIOvhv5s0S3X-97Ew5wRL96juz9TrXBCEiqKcyttCjL88GKN06rX85HIbhRQoq7NK2eoCMtE14K-fIlUYucU07XImorGOhyEocARbLrt5h1kOEuD0_VMZbSQJCOVZ8PNrFnkiuLKrpMLwqjwgGj5hsf0cOBmmwksW1YdPvGsxURvBb5fJv44BO47-AFNTXRBG1K2FDGkeZujfyWqoj3qJ79Ai_JjUcMfOkVtGZnRVXyYyS_YjiGpKkgosr30nz0X6VM-kCU0wVTfJA-mVW1zYg0xJLJQ5JsEPK96tPDuowx0C5SjnfQbbRpQYAqdoZFb9UEoljvtGWN_TM2dAuU8kIKzHlocNIm7zDs8oIOTe7fqaL4acCuZLsj_SwOYkoiC1OBXJjev_S-yO1NE5n6RdCvmHbWXRlp249J4G2EIj00Dd3g0weHwGFzah5_NMfhSmFZh5isyDfUzCeYyKV31XKw_TQEOnlrsHRJf78jlAUVw_a-ZAYh1N1zxzX1Jnk0w4xA9GshzFeRJ2y6o5PflFvTEHiHjSP4e5yHzzSptlceAzZi_g2OdYnTm0UlZ3SuclJEGtjQzn3BXCklUp5pQISuEaUFSjzOs31MZOkdtrW3KR8-4kpch5wk7fYXQOGQbanGRV7Sef4qbDXDj0G60tF7OpY7UhuZyWCB7PwJT7AivQV53XIc3dIblC9N2Zuxt3Vn8Fy8B7S_Gk5ZXh4YnIQykI9hYN_YvCXUK5A&cid=CAASEuRoXQzjbQPlOv0CfNjD5jgQtQ&rfl=1%2Chttps%253A%252F%252Fbg.onpointpublishing.com%252F%240

Requested by

Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

775e2a6b75cdc64a768d6ed37a8ec5817950417aa0136b8816c2f734cd924a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28803
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F9F2 42 B
173 B 14ms
13ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BB5qzruWj-jgC6CiGfANOEemSYYxa94kaBHZNDQeYdomJ8WDvb4oBJEBAHBqvNnc3jHfjdvpZt_Cyx-5-Vhj8wNLFPZIPEc_Qnew3g6xjK6xTPwi8

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame F9F2 2 KB
1 KB 47ms
10ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 20:17:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F9F2 128 KB
39 KB 340ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1632137836110461"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 22 Sep 2021 20:18:31 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame F9F2 14 KB
6 KB 43ms
7ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 20:15:37 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5FDE 624 B
340 B 16ms
16ms Document
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhj5rJmxATAB&v=APEucNWItHrXd9hdmu8D9ZupQlW-4PesF-BaSUaP0-yH2VUHqKEeUHzogJkjtpNd9zNpX17Cwrte46pjFm7TuDhC1R_Dp1PDZK3j9wl2EMvK0YDRsAYUK4Ob4eyBSW5NnO1bOapBkr4WS_maq3ugRRuHAH-GwKj1vPk8fYd_5J-eOb654e3noKbHeV_2yFb6Qx8DnB9HIhjdcCO2IqRbqzFnZySkCVDgZQ

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPjqRhC5lOngAhj5rJmxATAB&v=APEucNWItHrXd9hdmu8D9ZupQlW-4PesF-BaSUaP0-yH2VUHqKEeUHzogJkjtpNd9zNpX17Cwrte46pjFm7TuDhC1R_Dp1PDZK3j9wl2EMvK0YDRsAYUK4Ob4eyBSW5NnO1bOapBkr4WS_maq3ugRRuHAH-GwKj1vPk8fYd_5J-eOb654e3noKbHeV_2yFb6Qx8DnB9HIhjdcCO2IqRbqzFnZySkCVDgZQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkU9nLVXR-bj5dlXluIEcrBYOpHRLId6E9ye6iVlNNWRIy4m4d0aB3e9pji
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 22 Sep 2021 20:18:31 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame AE2E 114 KB
40 KB 81ms
9ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
Origin: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Sep 2021 12:46:50 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210915/r20110914/elements/html/ Frame AE2E 6 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210915/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 18:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2627
x-xss-protection: 0
server: cafe
etag: 17449454297928180344
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 18:05:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210915/r20110914/ Frame AE2E 18 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210915/r20110914/abg_lite_fy2019.js

Requested by

Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 7316329070599479730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 20:11:01 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AE2E 42 B
107 B 14ms
14ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Co3AV4ffYQJ-tDzJTtP_ALwn8qw3IPMOhh49ukG9vl03xRiVpgX-hKqDQ_F0dzBJLE4Vu9sbfr3kiIQ-cMKILat562-WfJgov7oJrWEjaxoGxeuZE

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame AE2E
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_l_alw-on
https://d.adtriba.com/px.gif

42 B
227 B

7ms
7ms

Image
image/gif

52.29.24.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.24.121 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-24-121.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 20:18:31 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Wed, 22 Sep 2021 20:18:31 GMT
Last-Modified: Wed, 22 Sep 2021 20:18:31 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame AE2E 2 KB
1 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/window_focus_fy2019.js

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:17:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 20:17:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE2E 128 KB
39 KB 326ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39526
x-xss-protection: 0
server: sffe
etag: "1632137836110461"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Wed, 22 Sep 2021 20:18:31 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/ Frame AE2E 14 KB
6 KB 33ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210915/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:15:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6211
x-xss-protection: 0
server: cafe
etag: 18326705275735229343
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 20:15:37 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AE2E 0
0 14ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUzmR5AKtBE7tqc_8MDfSMrLbIjfZB7MVydccKitBWytXzbx8F96NNydh5ZtAYTDspdyUE6RD4RMEoUirctCYbnHVzGQ
Requested by: Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

POST
H2 204 bulk Show response
trc.taboola.com/dominip-usd-onpointpublishingcom/log/3/ 0
310 B 16ms
14ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/dominip-usd-onpointpublishingcom/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210922-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bg.onpointpublishing.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 22 Sep 2021 20:18:31 GMT
via: 1.1 varnish
server: nginx
x-timer: S1632341912.584319,VS0,VE9
x-served-by: cache-fra19125-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://bg.onpointpublishing.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AE2E 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 17 Sep 2022 08:58:06 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4057 1 KB
845 B 12ms
5ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 21 Sep 2021 21:06:15 GMT
expires: Wed, 22 Sep 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 83536
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F97C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&C=1

43 B
1014 B

420ms
419ms

Image
image/gif

104.105.231.167
AS6453

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQsqfrAhje9Z2zATAB&v=APEucNVDuz_XCbvaOnQ6YTj8R5uou-YnzCoGESxRMEBLVLkJdldCl7qKQEORzu9rAovw9y3zqKpGgub7Ute_2nlq_nUqiozdHFqjlM8hyrHKDUZsX-xAAHmtYDXlF37rBwHQ1S2OcbfaLjfG0U4w2gsm5pXPUCNCJLD826B6ewI51rbBmy4l4v1-dl7apMq85KwYEaEox8r_udfcNp9BRH2VpgC4lS3V1w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.105.231.167 Atlanta, United States, ASN6453 (AS6453, US),
Reverse DNS: a104-105-231-167.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 20:18:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 22 Sep 2021 20:18:32 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 20:18:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 22 Sep 2021 20:18:32 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F97C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUuPmPtHxOc.0p7cAjVp8wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&google_hm=2

43 B
894 B

215ms
215ms

Image
image/gif

104.105.231.167
AS6453

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQsqfrAhje9Z2zATAB&v=APEucNVDuz_XCbvaOnQ6YTj8R5uou-YnzCoGESxRMEBLVLkJdldCl7qKQEORzu9rAovw9y3zqKpGgub7Ute_2nlq_nUqiozdHFqjlM8hyrHKDUZsX-xAAHmtYDXlF37rBwHQ1S2OcbfaLjfG0U4w2gsm5pXPUCNCJLD826B6ewI51rbBmy4l4v1-dl7apMq85KwYEaEox8r_udfcNp9BRH2VpgC4lS3V1w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.105.231.167 Atlanta, United States, ASN6453 (AS6453, US),
Reverse DNS: a104-105-231-167.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 20:18:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 22 Sep 2021 20:18:32 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F97C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKoZe_vgw6LozpdJvie_VYs&google_cver=1

43 B
1002 B

96ms
70ms

Image
image/gif

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKoZe_vgw6LozpdJvie_VYs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKCm6AIQsqfrAhje9Z2zATAB&v=APEucNVDuz_XCbvaOnQ6YTj8R5uou-YnzCoGESxRMEBLVLkJdldCl7qKQEORzu9rAovw9y3zqKpGgub7Ute_2nlq_nUqiozdHFqjlM8hyrHKDUZsX-xAAHmtYDXlF37rBwHQ1S2OcbfaLjfG0U4w2gsm5pXPUCNCJLD826B6ewI51rbBmy4l4v1-dl7apMq85KwYEaEox8r_udfcNp9BRH2VpgC4lS3V1w

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 20:18:31 GMT
X-Proxy-Origin: 78.47.208.27; 78.47.208.27; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b6fefbff-37fc-49f5-aad5-09df432fcd16
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKoZe_vgw6LozpdJvie_VYs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F97C
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxMTYzMjQwMzIyNjUzNjA3MA%3D%3D

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxMTYzMjQwMzIyNjUzNjA3MA%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 20:18:32 GMT
X-Proxy-Origin: 78.47.208.27; 78.47.208.27; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 739b4013-9baf-4702-9a11-776a882c98a4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxMTYzMjQwMzIyNjUzNjA3MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5FDE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&C=1

43 B
1014 B

434ms
434ms

Image
image/gif

104.105.231.167
AS6453

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhj5rJmxATAB&v=APEucNWItHrXd9hdmu8D9ZupQlW-4PesF-BaSUaP0-yH2VUHqKEeUHzogJkjtpNd9zNpX17Cwrte46pjFm7TuDhC1R_Dp1PDZK3j9wl2EMvK0YDRsAYUK4Ob4eyBSW5NnO1bOapBkr4WS_maq3ugRRuHAH-GwKj1vPk8fYd_5J-eOb654e3noKbHeV_2yFb6Qx8DnB9HIhjdcCO2IqRbqzFnZySkCVDgZQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.105.231.167 Atlanta, United States, ASN6453 (AS6453, US),
Reverse DNS: a104-105-231-167.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 20:18:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 22 Sep 2021 20:18:32 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 20:18:32 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 22 Sep 2021 20:18:32 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5FDE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YUuPmPtHxOc.0p7cAjVp8gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&google_hm=2

43 B
894 B

216ms
216ms

Image
image/gif

104.105.231.167
AS6453

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhj5rJmxATAB&v=APEucNWItHrXd9hdmu8D9ZupQlW-4PesF-BaSUaP0-yH2VUHqKEeUHzogJkjtpNd9zNpX17Cwrte46pjFm7TuDhC1R_Dp1PDZK3j9wl2EMvK0YDRsAYUK4Ob4eyBSW5NnO1bOapBkr4WS_maq3ugRRuHAH-GwKj1vPk8fYd_5J-eOb654e3noKbHeV_2yFb6Qx8DnB9HIhjdcCO2IqRbqzFnZySkCVDgZQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.105.231.167 Atlanta, United States, ASN6453 (AS6453, US),
Reverse DNS: a104-105-231-167.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 20:18:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 22 Sep 2021 20:18:32 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC08lRIgH5w4hHIgx9sIM5g&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5FDE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKoZe_vgw6LozpdJvie_VYs&google_cver=1

43 B
1002 B

44ms
19ms

Image
image/gif

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKoZe_vgw6LozpdJvie_VYs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhj5rJmxATAB&v=APEucNWItHrXd9hdmu8D9ZupQlW-4PesF-BaSUaP0-yH2VUHqKEeUHzogJkjtpNd9zNpX17Cwrte46pjFm7TuDhC1R_Dp1PDZK3j9wl2EMvK0YDRsAYUK4Ob4eyBSW5NnO1bOapBkr4WS_maq3ugRRuHAH-GwKj1vPk8fYd_5J-eOb654e3noKbHeV_2yFb6Qx8DnB9HIhjdcCO2IqRbqzFnZySkCVDgZQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 20:18:31 GMT
X-Proxy-Origin: 78.47.208.27; 78.47.208.27; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2d4fc5a8-b4b3-45b2-8900-2f386f7cf64f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKoZe_vgw6LozpdJvie_VYs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FDE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIzOTUxNjY3NzU4ODQ0OTk5Nw%3D%3D

170 B
188 B

27ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIzOTUxNjY3NzU4ODQ0OTk5Nw%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 20:18:31 GMT
X-Proxy-Origin: 78.47.208.27; 78.47.208.27; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 308bbfdf-f6fe-4673-8dc0-ca49d9816b37
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIzOTUxNjY3NzU4ODQ0OTk5Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame F9F2 114 KB
39 KB 29ms
16ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
Origin: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 12:46:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27101
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Sep 2021 12:46:50 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210921/r20110914/elements/html/ Frame F9F2 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210921/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C4PataYp74R1m01gBQY0GYBYV573tJHTVEEOGetqZ782RsxvC3-bwOj89mEPZTn00BHycrojDPF-f8xVm5dW2NsZR-gYh2XtuKEsIsP92_bktU03-9ihFcC6_d94UZ7kv-01Ch1EW5M49TLswUpMkmjX8P1w&dbm_d=AKAmf-CTCuLSIq3n4P9iGCk4CVqrUfLDUlxRZBldLRX5U8Z9CnG0bjBWI80iANiHEbk6miUtQSwClk_bbu4nXIfqIZWmtPUgQ5ZgVu_oKVC_uRTjPSw50vF_WOtgFoVOq4hs-ZzU_ZQigEOEcjfUzZmlF9CpP_0M5Ijv4FF0F_D0pLwSll4GCv5FnnfFdwdH-uNqZnlsDv7x74ScdHlvEB7jbBQTtEd2tbBlSLer-b37Bi2v5G8eLqA1M3g3-lONt0sx_FHXVQCAXW3l9nDbqnOZYhSANIyG5s7bjx0sU-QRq85mA6SFfzM-wmLueene6e11YzVjSoHkTXNHvYcdUQ6vv2gk3DwxtBuAlRf6UCbzHcG7jWmqqB12T--6CnwagYj34uhxhGce-hqDr8UMQ6zaQq3NnIPcIpLyqH4cLEwFj3wDvwKuCxUBJmHifkmudviV_LmReHgpzGYxKnYnmXkAKCwTjV4TPDRW4xdx8_P05bZ2rekdPrkmop5daz0tZ5zaSLUpXyIw4KXRfMHDguivZR7Cp6lN14w-nuPbku8gENftvonwSLlo8khR0DHZh0kHBOn0Qm48YNzZKw4jB3-S_xqVh40vBDpok-uNKQWOgIEYWdb1IGCBe_q4kP4wqWC2fHj32yhOOM33h6TBVV-YJLlmQHTsKq4csvLZ72sOVe0M2Qgsn5y80_s8vj7cNkxGVRjnbpLbo3-ig5qoYEXEepdyzhH9MnI56d4-UzCH9qhuDybQLN9O-Lt_ElgKS6-TmkA-xhdR-JyQHOTxGn7aOmY6jE4j6HBAOjXOx3JVMjYt76NI2WLIfZVvWkayeXOCqpntsWJXZRHwsaIVzB8CGSEqfp8AMuAPRM5KwMzzPqgE_8cchMcE0ZwPZDQDNPV2kakc7bK_JAasUj2I8J7V08zkCKUiEmqJNAaSgBCI7r9taF7zv-0J4UQWYX74K_yZCf3Qa9I3CnKVXUegBPXMntioDqRgzej6PW00H-YK7-naHODla1Bpxl-ThiQWzD2X4gljOfaeIBOek8OkYRv6MfE--ScI1mnEfQPA-nmDIwZFY8uOMqId07lHneDd-SCq8MfNXxc2m4OdmaqlpI83auPgpM61iNhkQ466THKfvx5nHKnqRbm1JWILqbieZnElWi1p4R9rAlYGzgkithu7POJ_UQCnsqBYump-bfnjTVJWSG9MilqZylMSWYxVwDKagT4rgaMEe_bsiL5uBv7OUbS08wytBkQ78AjGSJgZVwG4M4S59-pFEc_D0f7HsFIWmmh30knJZZUngpYR8RZhFOYVViyw2yr_p5QzZXhtHoCCtBjX2hhfkeja6W6cjfCTBMdT273IoTUBFjfyTqNEM0hy3dwS1tWDKAsb3eUhxF5BCIdRn4DxgY27L7y5pyuHuL2z9Z7_ytZgynMeI0x3FSeOBd-gOZnRKPCflG-TrFoeEWutzgug0UCQ7gNNnmc1UjOZ-spe1-BpntObB9-eXYJFxEBP5VWkMtZdFGef6j-LPJyvu_2pzPidLTCQcTw_-x4nwGWoDdJHDXPn5Wl77oMF-rWaZrHAhZyZENL_PF8QehUnWtLElwF4pdcvjLpA1W-CX9NxdwTXjAXyMncOVfC8aB58iGkk3WmOVKBx8d9e81tDHOzIU_Di1_1lQSKGHKuvlVSTdgwQvqWjXl_cu3ss8nnASeigkf9aeB78rqMsnHl37onchMHMOFmIshqZcX6AkGo9rQEZSg0Pofz4GETogYu9X8hpwfiw9X4W2L91hNo57TQ_6ag_skkwRMmNjIfm4ZzBdzxwpAhcCmTHAjpGiHSpxDclEYrIjpZT7vDCbvrqBD7vKBUj1uQh-D3zetVIYOQvUTQERo9JvdGHKi4D1TpaRKP4N12GFRW_e7X4YUL_cR91Vr1HlzFSS-zxxv6CJ0qZdHxZ7bL1ohBghkIc2MX4iuAmIIUwZNkcT5_xNLxzSDn-CtzSpuCL6YWKOAcRAtZNqvJE73lPlbFbVUvw30AFSGuCZPrfCQruBmIpXhWNPSyD8jTBnE5LxAjjlFbSVj3xbh21VZhCEa--KCkaOcNU2oP5xZax-cgFb9gepjUgzIpfidVSGt1MCZz516LrInbfyAb9Y280COQlm8YtSq2HNp2ULOwBiod6IbOKlf2beFqeU7Z6B74d6un8l3o5Euo27IG0MYxhyqQBPes0dgrc1R6bii3LwHEK4aBPdap25-qlLF0oO9iY-WnAd--VUlb6HVlwq_yPXZB6dHDm-9LPK01IAPrBkoYyyqv5fBDOarhNWzHARYVqL5nCUUXoq0k28V98AFjYVjS6uOG8MlS_GJHaWtCYTCgOn6vtFN76PDKJ5n3lVuAsPicGBbCmGxZeMkea_2L_4QwwICmSX7VswXSxJ1c79RD8tooB-8umvNH4x9Isw12Sje3NdYJu1js8o1djFJZkm4T4EkeYTG00h_zsCRBFA9MGvVnAEFxuBjDm04BqMcItvJm48t8b5ntc78sQipXXrdxITsaIONIneGMbmt6QwbJZHcqdhTYYH7FJEQdEtbzT7Q3PInoFFpYLjU8BnOV8LvS33EaPOcaqdioil0h4fjRW2ViisW9vcJM8wuXsafqfVnSetO1q4gl16LZVpgx86gTfsCFbzQX4KVBK8inm8VjPrCguOk0g4jvnkL_QhpHHyEp8zTIBf_JMu0_GdTepPFzF8tcHlV44Umx18IU3t5SABX8Ei1XmbX2gLsrj4BMoTPWxiTIzXJva5iivUoZ9N7QtbdcIzi0nWNu38Sh2XE7qkeOLSGuwxgUHwo790cFXWzjUDr5tSmqP4NtMh9ggbEtjs3-Yi6jogmTyg-in5Ri5AjmAk4U32CdPUQP2CbYn-8FFSrOn2z50GZRyIfQNpMHHlniIn1UrTKcwq9khf9AmFR_F5r72Xmlv7OxiWlo4_e56kJKFxOfLlygUToIOvhv5s0S3X-97Ew5wRL96juz9TrXBCEiqKcyttCjL88GKN06rX85HIbhRQoq7NK2eoCMtE14K-fIlUYucU07XImorGOhyEocARbLrt5h1kOEuD0_VMZbSQJCOVZ8PNrFnkiuLKrpMLwqjwgGj5hsf0cOBmmwksW1YdPvGsxURvBb5fJv44BO47-AFNTXRBG1K2FDGkeZujfyWqoj3qJ79Ai_JjUcMfOkVtGZnRVXyYyS_YjiGpKkgosr30nz0X6VM-kCU0wVTfJA-mVW1zYg0xJLJQ5JsEPK96tPDuowx0C5SjnfQbbRpQYAqdoZFb9UEoljvtGWN_TM2dAuU8kIKzHlocNIm7zDs8oIOTe7fqaL4acCuZLsj_SwOYkoiC1OBXJjev_S-yO1NE5n6RdCvmHbWXRlp249J4G2EIj00Dd3g0weHwGFzah5_NMfhSmFZh5isyDfUzCeYyKV31XKw_TQEOnlrsHRJf78jlAUVw_a-ZAYh1N1zxzX1Jnk0w4xA9GshzFeRJ2y6o5PflFvTEHiHjSP4e5yHzzSptlceAzZi_g2OdYnTm0UlZ3SuclJEGtjQzn3BXCklUp5pQISuEaUFSjzOs31MZOkdtrW3KR8-4kpch5wk7fYXQOGQbanGRV7Sef4qbDXDj0G60tF7OpY7UhuZyWCB7PwJT7AivQV53XIc3dIblC9N2Zuxt3Vn8Fy8B7S_Gk5ZXh4YnIQykI9hYN_YvCXUK5A&cid=CAASEuRoXQzjbQPlOv0CfNjD5jgQtQ&rfl=1%2Chttps%253A%252F%252Fbg.onpointpublishing.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:14:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 233
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3143
x-xss-protection: 0
server: cafe
etag: 2416364338287085106
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 20:14:38 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210921/r20110914/ Frame F9F2 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210921/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9237
x-xss-protection: 0
server: cafe
etag: 9463376652360951579
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Oct 2021 20:13:14 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A7B5 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 17 Sep 2021 08:58:07 GMT
expires: Sat, 17 Sep 2022 08:58:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 472824
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
707 B 7ms
7ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 16816
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: AqVbMloMCfD0JPGPMtYh8HqWku+mU3LCOyBV3RWZDsbuxPPBhmPoCHF3dszT2/Ka3TN0CVxRa9I=
x-served-by: cache-fra19125-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1632341912.646315,VS0,VE0
date: Wed, 22 Sep 2021 20:18:31 GMT
x-amz-request-id: E8X2YXVA73E9K5Z9
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 15
x-cache-hits: 11787

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4057
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEFwPL_zihU-gcPpSHH2uaeE&google_cver=1&google_push=AYg5qPKAdg6qvPveT6AI4rZMtQdFi8SeB-J6ldWKH_jTuAl26KRizvAJnc4qnM3Dx04NsRAT3OU3zajTUw2yTlz0vm6QBAyrGDY
https://rtb.openx.net/sync/dds?google_gid=CAESEFwPL_zihU-gcPpSHH2uaeE&google_cver=1&google_push=AYg5qPKAdg6qvPveT6AI4rZMtQdFi8SeB-J6ldWKH_jTuAl26KRizvAJnc4qnM3Dx04NsRAT3OU3zajTUw2yTlz0vm6QBAyrGDY&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKAdg6qvPveT6AI4rZMtQdFi8SeB-J6ldWKH_jTuAl26KRizvAJnc4qnM3Dx04NsRAT3OU3zajTUw2yTlz0vm6QBAyrGDY&google_hm=4dpXE7IbzAELKtYLgfi6nw==

170 B
188 B

27ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKAdg6qvPveT6AI4rZMtQdFi8SeB-J6ldWKH_jTuAl26KRizvAJnc4qnM3Dx04NsRAT3OU3zajTUw2yTlz0vm6QBAyrGDY&google_hm=4dpXE7IbzAELKtYLgfi6nw==

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:30 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKAdg6qvPveT6AI4rZMtQdFi8SeB-J6ldWKH_jTuAl26KRizvAJnc4qnM3Dx04NsRAT3OU3zajTUw2yTlz0vm6QBAyrGDY&google_hm=4dpXE7IbzAELKtYLgfi6nw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: evpdfl3kls4gm7ok8nlvqlhdph0va431

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4057
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEI3sCZyfoEhOWXfjzoTEXRQ&google_cver=1&google_push=AYg5qPIEEVGR-BakzHxo-N3p_wgdyNfEENN1f-922MgGk9aAMiV9xBZ3ZBwLBitS5l1uG-nMbnoOMMrUSi0tUAPqDGWo2v...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEI3sCZyfoEhOWXfjzoTEXRQ&google_cver=1&google_push=AYg5qPIEEVGR-BakzHxo-N3p_wgdyNfEENN1f-922MgGk9aAMiV9xBZ3ZBwLBitS5l1uG-nMbnoOMMrUSi0tUAPq...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=7N2ObxB6RlGiTvf5xeplIQ&google_push=AYg5qPIEEVGR-BakzHxo-N3p_wgdyNfEENN1f-922MgGk9aAMiV9xBZ3ZBwLBitS5l1uG-nMbnoOMMrUSi0tUAP...

170 B
188 B

19ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=7N2ObxB6RlGiTvf5xeplIQ&google_push=AYg5qPIEEVGR-BakzHxo-N3p_wgdyNfEENN1f-922MgGk9aAMiV9xBZ3ZBwLBitS5l1uG-nMbnoOMMrUSi0tUAPqDGWo2v8N-Jd5

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=7N2ObxB6RlGiTvf5xeplIQ&google_push=AYg5qPIEEVGR-BakzHxo-N3p_wgdyNfEENN1f-922MgGk9aAMiV9xBZ3ZBwLBitS5l1uG-nMbnoOMMrUSi0tUAPqDGWo2v8N-Jd5
date: Wed, 22 Sep 2021 20:18:31 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 4057 0
44 B 796ms
254ms Image
text/plain 52.198.4.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEJp-_wm1y9TaAv2VxiI3tWA&google_cver=1&google_push=AYg5qPKxWg0EcZxymHjMXVVOz_ZxYCmC5BTidHBdGQxlmFVCv28RY6aiy9A_MutMegF4v_AA8WAFVtQkCLsWCSlyBa3nwTu2lUM
Requested by: Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.4.47 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-4-47.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:32 GMT
server: awselb/2.0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4057 0
253 B 51ms
15ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J1zo_q3Qu-TsnRRctbpUGMoCvPPnb1kr9VplKyMA44tQ

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F9F2 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:58:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 17 Sep 2022 08:58:06 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 64CF 1 KB
783 B 8ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 21 Sep 2021 21:06:15 GMT
expires: Wed, 22 Sep 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 83536
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js Show response
pagead2.googlesyndication.com/bg/ Frame A56B 35 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WOdvqX5MrEWan8NE-dDT01W_bgveDh48divqo2Vh5b0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:43:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13526
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 21 Sep 2022 19:43:54 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/4508555922903266927/ Frame 861D 41 KB
6 KB 333ms
12ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd5d189901092f36d382a5cd39053f8c5aa2dbc40032dc3f539555ef6ce95280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/4508555922903266927/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
date: Fri, 17 Sep 2021 12:19:21 GMT
expires: Sat, 17 Sep 2022 12:19:21 GMT
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 6076
age: 460750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AE2E 0
61 B 73ms
27ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsut1548eVnWq1ZjPHG8Pm6okztzvEI9D5vx8if8fHQoGvFJoXqaKIwCf6pe9oVg3Up-WatD5kgXY35WFNRsKlfDQhVKwUwaDnt97Eh9FfYfUhUUFxEiDxMMJUurG1HccY-h8FH3DNgmqVLpk2707Pf412EOT71q_1pnxg9Ykv8mLHPZ_nN4U1aOv8zLMvzVfZh2hhHTmrbm0E4H9xSrVugYBN8eUk6q1mEHUWkJ2uP0ROKX5f0E2HoTqtSmER6W-tTl5_nIzz7iP5ZkTZWiuuDYhFQI85_pNm2H7E8G56Ayi0WreneCHFsDVOhU_lNhy5FmHEgfqNELWaCmFxCQocukgzpRe-vxC_NOwwkPYWPhQn11QWbex59lhYoTsCbvjvK-XKlRjuhgdMjD2DFQYc4XIs6vWPChmudxvbfRGW-IFjOHeWjbzHlqNPwCTgxm4TRtgOpa8PbQZE-VlDidutt_Rq3HvlOt-ow8yl2d3DU_rcmXld7dzFyVQw9kDXrda6DGxqYrgH9XB3QKx9Oe7kEk7Ga9hmM6bTyNjt6gj_eB7ZELYPU4MX3u7J_P5AkSC5cNVLZUuTrKsio4w2osXW_xBdqpQ7c1dZ_0DwHHTxbpCp0FlzYRkaD2ek1-Ft-MwvtnECT16yc1dT2neSPdfC3teGO6dfIhsoRXc0s12PkF_kM0oS2SE9nHwEGa2gRvp8IRmfPWwPbSzP0NRVByCj88sJXpxANqefcu95xzYlluknCvnwvvWt61DtqYzZGsGBs0lsKpNWAbAs7KZ056Fj8uXNCLukuSqd4Wcbtcmoq8U584oKLpGNus2w-wtjh8FLCQtgrqgWDKuMt4LWk_Ukh8HQzDujvwDvMIaTjinoQTx05QYQqwxTKU-iFCRifr5Pp9jLZX4dD770UY-ny1FMkBzSvygh8qEwDJNWLR5W0KWUsr_BLOlhCVfAbB2v44BZDh7125xCXDrgSJxiKC29UuTvnJV6FY14kmqpeCAaAcKtQV7zyXc7aCvMuHI_MNUaa4l1X2G353biYBGKblzAvKd5WxN1hd5PSLzF1-bhSPXwR4f-fSnjXoDsjUQw9yFACnH9p6kgrLYB1Q1Hss4D0aEbjlSUjq5IlBkKS_YkRBZ6gEvYZTMaqwOqjRCE-8WbUQ17kM5G_B6Gsv_IsU8eGcMmL_2T4l2RoJlW-2uxJRRi6xpvUY6QLTjrHInnBh5Fyz3e5yxf7X0GoE1k270JZsf8BlbVZ8iy3Hu3rduce2B8dk-CBqyVyDI9Fa8w&sai=AMfl-YQP3bSCf8GMEemUE4oVrLsE1fALxrpP-SQiNZuiHNGzOmLikgAZ17UyED0fK1PxecHHBGgVMHFRKULEDfb3FCXRsuX2aN368d3KgLIwrBLGLE0AIJBP5CkKgb7ipy8SxODaXDYXY5gxwYeYjmfmHCCRcoykEXgGBnAQYm30gvom7c0dBPReAqwwG50I74D8asyNhHgAM8mPNWCcbTIjxJAD9SRmvOPafJMkaotwWM70aqKaC-bj4uQzjIAJWLBZSSwot-AeaDvah4MjSujdCvP0o4eLgz4&sig=Cg0ArKJSzK_elZyyHuUqEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=98&cbvp=1&cstd=96&cisv=r20210915.51188&adurl=

Requested by

Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 22 Sep 2021 20:18:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FC56 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 17 Sep 2021 08:58:07 GMT
expires: Sat, 17 Sep 2022 08:58:07 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 472824
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.html Show response
s0.2mdn.net/10350127/1623936663589/ Frame A2FC 64 KB
18 KB 314ms
7ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10350127/1623936663589/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14a3d13ae29be549cdd38b507775a85b81aaa8184f958217c709b53c12b39734

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /10350127/1623936663589/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 18087
date: Tue, 21 Sep 2021 22:07:40 GMT
expires: Wed, 22 Sep 2021 22:07:40 GMT
last-modified: Thu, 17 Jun 2021 13:31:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 79851
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F9F2 0
592 B 57ms
27ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7OHTnL1FbczIQLlJqiYXtwmnQaYeijWwhVUvM0UlmTai_G72UpNYA1oiip7s6gFjYKmEmUw8cOrPfm0bV00dOoWeGdFTxxI3jZXcOyp2OC9Y7_gWQPssVFI2LdTcu9kRZruxKwHVx4y5c1YRcVxphc35ILU12jXwUaOmpghcznWjC45L7fKQ0UmRsvbSPFpVDvAIf1si10SNP1uzRQYv1iwnJfvfS3kmXf1Q_wWUuBcw-ytL-tAp3hVVdp1sq2_d82Frg8t9FuZhfnSRtcAKHQuk2SoCaqf0NXXL53UDoBuBvPOr_VHeqRd2uzXWfQ1VYve4KzfI9wyrbBhhCyR3eBKNz7PF8hveD99FToW_ESt2Iw8DLULvKLwzRUr2wAJecm_kkZ9ikR_GzKZeWKszFwr64bODRxRXT9ANXXVLalgemGoHYCIuG2XKXhIDbQjPUqDr89daCJVoiMmjakTjgUxaHl0wHBU_OedA9OGLvspvleqPpiMh81pgfSaARPGsnXBsamngbxJeXQ0hlWjVkOL9LWZ4IYx_toEK-4lpzrrW-spaG_I1snHKFTOKJlofuJh1o2LQqbbLmKPzrXgz_4YkXM4bQ116Y8-Dwcx99kk46gwd7P1Vsnkcoc2_HIxyOr-NsJRnqtO4KPZdvtwrj79Lu97PoourevYj9UWkLT_cvA9AjEc5bPgMQOP2qPYNrJKxJMSG7K0WJld8w1IqXsHmFNCr17Vt4MKSrBg5-BiowHUNJHNiDbs7mZetT3SjKA9eZdsQgznMurhp1at5m1vM1HMh1_d3uAO6lEC7YsUK0ZLqlWzB8qh2bbT0ASrSQF9NqhvVvxRqOe_FgkJ33EALE2344rSinWoE0Xl1MXYPBzzG5mLBwqz9CYTJo9GskBphnWCVt8VU0L_O64EjYS_WIOsu-QvcxgV9TeD4FhPu4JXi5OTj95NjO6ILToJ9QzJ_0Pez7lPYe2kLk69n6PLAaRoOLP33SxC1klKLMNSowb6N2fhnf4f8sgfx48U5m0Sy3SOrNX7kDE9TD8ej3X-_KeEc03aWBnwK15oO_BDvGQ9i4IUjS-1aOqjKp-FoeNXkM0byi9Z9YXUrSOu494JljmWuq4BOqN7Od6_gy3IRcztUIWb2JVO1m6OjayEMMSIRWa_doZbqS5cMw-3aqBQ8j7C1ZUSwkRriXY49TvaCRIKzQAY8NjcuAmTc_t4WIWOiXxJFv4kQXcsWY0STgERdWa5R0xnYQhLSDfxeYl25cQ00OsiV1NddvQPEyp7h6cqw&sai=AMfl-YQrWKCHdmDMkfk46Xi3dbIv6Ws-pgCraHlPZ_XEbh0MXEER_msbjL8xLkF9pIgLmYtHl_ooM7o7wA-V45uHPVpKNRsO1iCZvfYOnST_CwVeemOgHmGUxZhH-TEqjPC5XSNt9YwtMnP0zzvD22V2tFlvo2ZQaA&sig=Cg0ArKJSzB-kVYknoIscEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=52&cbvp=1&cstd=51&cisv=r20210921.60749&adurl=

Requested by

Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 22 Sep 2021 20:18:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 -1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js Show response
pagead2.googlesyndication.com/bg/ Frame A7B5 35 KB
13 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 19:42:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 21 Sep 2022 19:42:54 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 64CF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESELYgnDldsqaAek0lfiubIxw&google_cver=1&google_push=AYg5qPJIX91MVXzt9Q7OF73uoA2CCIngG9-87IOTN1qR41tjHc3LEkln-g-RX8tGxqcw_VHUqWtY8bDEAFvCVb8J-374uLR0O4oB&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELYgnDldsqaAek0lfiubIxw&google_cver=1&google_push=AYg5qPJIX91MVXzt9Q7OF73uoA2CCIngG9-87IOTN1qR41tjHc3LEkln-g-RX8tGxqcw_VHUqWtY8bDEAFvCVb8J-374uLR0O4o...

43 B
442 B

182ms
166ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELYgnDldsqaAek0lfiubIxw&google_cver=1&google_push=AYg5qPJIX91MVXzt9Q7OF73uoA2CCIngG9-87IOTN1qR41tjHc3LEkln-g-RX8tGxqcw_VHUqWtY8bDEAFvCVb8J-374uLR0O4oB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJIX91MVXzt9Q7OF73uoA2CCIngG9-87IOTN1qR41tjHc3LEkln-g-RX8tGxqcw_VHUqWtY8bDEAFvCVb8J-374uLR0O4oB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:32 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 692e39160e3b698f-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:31 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 422
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 692e3914aada698f-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELYgnDldsqaAek0lfiubIxw&google_cver=1&google_push=AYg5qPJIX91MVXzt9Q7OF73uoA2CCIngG9-87IOTN1qR41tjHc3LEkln-g-RX8tGxqcw_VHUqWtY8bDEAFvCVb8J-374uLR0O4oB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJIX91MVXzt9Q7OF73uoA2CCIngG9-87IOTN1qR41tjHc3LEkln-g-RX8tGxqcw_VHUqWtY8bDEAFvCVb8J-374uLR0O4oB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 64CF 0
141 B 43ms
14ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEOw-xzKSn9wAG3orGDPIDFA&google_cver=1&google_push=AYg5qPJA2xZnGLEyx8Ea3AoMig1_icn_MvADbhAjUfDhrHzHTcm70gVwSoxR3EOgdwF6GvqkGU599LEQ3vqELzVwWslKJZFWnCcH
Requested by: Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:31 GMT
via: 1.1 google
alt-svc: clear

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64CF
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEBGW_F_pMWzNikxfogQHJqc&google_cver=1&google_push=AYg5qPKIVPoWSnNzNPoocLpEaZT94rC6jfew3D0J-7sPr1DFmNxQ77KsfHilcDOeQONqVQ9idh68K4jgPd_C5oQCrCDADm_...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBGW_F_pMWzNikxfogQHJqc&google_cver=1&google_push=AYg5qPKIVPoWSnNzNPoocLpEaZT94rC6jfew3D0J-7sPr1DFmNxQ77KsfHilcDOeQONqVQ9idh68K4jgPd_C5oQCrCDAD...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKIVPoWSnNzNPoocLpEaZT94rC6jfew3D0J-7sPr1DFmNxQ77KsfHilcDOeQONqVQ9idh68K4jgPd_C5oQCrCDADm_NOxVx

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKIVPoWSnNzNPoocLpEaZT94rC6jfew3D0J-7sPr1DFmNxQ77KsfHilcDOeQONqVQ9idh68K4jgPd_C5oQCrCDADm_NOxVx

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKIVPoWSnNzNPoocLpEaZT94rC6jfew3D0J-7sPr1DFmNxQ77KsfHilcDOeQONqVQ9idh68K4jgPd_C5oQCrCDADm_NOxVx
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64CF
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEI9UX-wrdxNqtZdbMwj8CCI&google_cver=1&google_push=AYg5qPIVIP9RVMRsA9ycmBM82KGXONsmBETJMsfNRJP_gB_tXp3xQdc_-3QcWc842r5tmpVFcqgMyWc8bvFSSoAP...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIVIP9RVMRsA9ycmBM82KGXONsmBETJMsfNRJP_gB_tXp3xQdc_-3QcWc842r5tmpVFcqgMyWc8bvFSSoAPIt09tj6D_wxV

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIVIP9RVMRsA9ycmBM82KGXONsmBETJMsfNRJP_gB_tXp3xQdc_-3QcWc842r5tmpVFcqgMyWc8bvFSSoAPIt09tj6D_wxV

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Sep 2021 20:18:31 GMT
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPIVIP9RVMRsA9ycmBM82KGXONsmBETJMsfNRJP_gB_tXp3xQdc_-3QcWc842r5tmpVFcqgMyWc8bvFSSoAPIt09tj6D_wxV
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: yv3LtiqTKsnNbQKS_vinGC0yCK81vFhH7pxOAQO3y4R-oaob0VQhKA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64CF
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEDEVFA8W072bV47NCKswfcs&google_cver=1&google_push=AYg5qPKG9NYSFkH5sgr8UxEMTf5QfreUMWJRFvnleV_M8MCsRw8PIb-6983nV3yJmRF4eHF1Fj8Awd9kWHJOqPCTyvFGSoKof_3V
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1MzQzNTEyNTYzMTU0NzAwMFYxMA%3d%3d&mn_hm=Mjc1MzQzNTEyNTYzMTU0NzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKG9NYSFkH5sgr8UxEMTf5Qfre...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1MzQzNTEyNTYzMTU0NzAwMFYxMA%3d%3d&mn_hm=Mjc1MzQzNTEyNTYzMTU0NzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKG9NYSFkH5sgr8UxEMTf5QfreUMWJRFvnleV_M8MCsRw8PIb-6983nV3yJmRF4eHF1Fj8Awd9kWHJOqPCTyvFGSoKof_3V&gdpr=&gdpr_consent=

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 20:18:32 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1MzQzNTEyNTYzMTU0NzAwMFYxMA%3d%3d&mn_hm=Mjc1MzQzNTEyNTYzMTU0NzAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPKG9NYSFkH5sgr8UxEMTf5QfreUMWJRFvnleV_M8MCsRw8PIb-6983nV3yJmRF4eHF1Fj8Awd9kWHJOqPCTyvFGSoKof_3V&gdpr=&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html
Content-Length: 154
X-MNET-HL2: E
Expires: Wed, 22 Sep 2021 20:18:32 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64CF
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEO_DWpZ-_26IpAzD4Rw0JCs&google_cver=1&google_push=AYg5qPLkJ43JPNzLLD_jS72t9Lj-1r7afgY_A_itN-v81T9LfV91ipfTMuzQy5_-DsXYjd3WaZHiQHGhFcApLsntE...
https://sm.rtb.mts.ru/match/second?r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D32f032c2-2883-425d-aa2b-656cc6a25ba9%26google_push%3DAYg5qPLkJ43JPNzLLD_jS72t9Lj-1r7...
https://tech.rtb.mts.ru/?dsp_uid=32f032c2-2883-425d-aa2b-656cc6a25ba9&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3D32f032c2-2883-425d-aa2b-656cc6a25ba9%26g...
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=32f032c2-2883-425d-aa2b-656cc6a25ba9&google_push=AYg5qPLkJ43JPNzLLD_jS72t9Lj-1r7afgY_A_itN-v81T9LfV91ipfTMuzQy5_-DsXYjd3WaZHiQHGhFcApLsnt...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=32f032c2-2883-425d-aa2b-656cc6a25ba9&google_push=AYg5qPLkJ43JPNzLLD_jS72t9Lj-1r7afgY_A_itN-v81T9LfV91ipfTMuzQy5_-DsXYjd3WaZHiQHGhFcApLsntELZ1sOu8edNqzg

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Sep 2021 20:18:32 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=32f032c2-2883-425d-aa2b-656cc6a25ba9&google_push=AYg5qPLkJ43JPNzLLD_jS72t9Lj-1r7afgY_A_itN-v81T9LfV91ipfTMuzQy5_-DsXYjd3WaZHiQHGhFcApLsntELZ1sOu8edNqzg
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET

pixel
cm.g.doubleclick.net/ Frame 64CF
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESECX0t6PHX-M2JijH81C_lVM&google_cver=1&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w
https://ads.avads.net/sync/ggl?google_gid=CAESECX0t6PHX-M2JijH81C_lVM&google_cver=1&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1...
https://ads.avads.net/sync/ggl?google_gid=CAESECX0t6PHX-M2JijH81C_lVM&google_cver=1&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zH...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 64CF 0
12 B 30ms
14ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ia5zT-2_srUTYrSpl4gSBPawRBwZYZO_wLyG9qLgZFS_zLDWHvE24PHaY9n8wi4d5kPVIpk30

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 csVh-mWMFjsNWXzC6t087cpicS74qrTXodz_eQ5g-pQ.js Show response
pagead2.googlesyndication.com/bg/ Frame FC56 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/csVh-mWMFjsNWXzC6t087cpicS74qrTXodz_eQ5g-pQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72c561fa658c163b0d597cc2eadd3cedca62712ef8aab4d7a1dcff790e60fa94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 06:14:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50642
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13281
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 22 Sep 2022 06:14:29 GMT

GET
DATA 200
OK truncated
/ Frame AE2E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11abdf36f27542d5d3598f37a47c82eb0b48fed6af5e5dd1901bbdd0aa9a9f71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F9F2 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df1888e36c5b6536f93128bee9578f2bc54465503c4396c3b13a9441bf687828

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 32ms
31ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021091501&jk=995622837883750&bg=!9Pel97PNAAZNQyuQTUM7ACkAdvg8WhE-3sUd7w291VzziQ78oewEAvdsGrrNtFPWEaSL7OWJzSl3kQIAAAC_UgAAAFloAQeZAsDhP2eMabm9lxrcBT_6jyq3A8m126GAdM1nDqjEBPuZvxvLmrddLWDjwZ4xGSNqm0mlCtnCL3mEw2D75HK07zaRB_UJDcE3IOnSjx--KhOSCXzyBbALtooNMTMZm0kiUMHWlNPYmYWumwAWXIzhM_2b68NQOzCY8fZrFy5sJ_cX_wyUL1rEChjkTeK9YkqaEvGFBzIj0aBdNP7y0y_jAModcqfLl174tTt8vuPlvl5fAAHY4-fXxmTAEPbrViNMWmmcD1kEpCe0nhYqceKadNvOLPFDrQs7m1hyoGLjmHid602ewx6EnyFj_Oy8DTN7lUJGk1O1GYuhU6yUmt6VlfVmEQHUFIF7xvkSkidypUUGooa9-iXbsaD9sKLKbQrjAx1RLzB-_GWvosFTbjjwDh5b4bX0mCkpK-f3MCJkbHp6IluyV1PklokHpQITdusa7CCfw9KVoUMlxVvHI0NKn3ZrH3mVFvUzoX8a7BlixOWEAv40jAY0q78lBUcW5kWqFViI2bRUaQhB6u7rP5uiWfyG3B-MKaqckET6Wkhlyp0yaxbsnS6hY84OsjxAiZm41zDZOAN8sOj_RXpLJRMufDM_m3O-hMCJf8ija4EhJ1Aiba2b4KsSalWL5ZfCl-G1YsGyHVrFGGaney77zofDV_U7Xjt3upVj71LxAq1tQHzRvJ7p7eo3wFShHe-Qd_uMlGo-sTewcPasSEz5o4p0VSZDTH3g-bs43UPNig9GzHwudnKe_i4wzYEGtYR14ajZSGdgn3TgLLcpPKlgyYLG1JbnEOZNDz9IDt8Qd-q76vehP_LwCxH1COaN3UN7uhjcmxObhorzgZIpnp2cbAxyAfzKbUkOgx-SWDWU7IdrCwLiNGJi3eLInkROWeM54jO3MfeBM6MliFHJ27WoznUcMVlgilAZy1abUa9R1V9pDXIx9Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A7B5 0
47 B 17ms
16ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZX85l49LYczFCpTtgQfVxLaoCgAAAAA4AeAEAg&bg=!T0ylTAjNAAZNQyuQTUM7ACkAdvg8Wnz8NP90iwkJSoS6CbauSgG6xjuPIRmytEd9osX2e7eCkRWKBgIAAADvUgAAAAxoAQcKAGuayrAS0gxTI0i705nYASak85LpHaPDX8uiRcpcp8tOHEAaUvPoveHzM0G8l3NAQXuiBKx1AKSsbvO74joF100CdesB-bBQbRz0DheolM2dR6nJTGoDsy0MYNaZE_JHhNdmtR5RfmlOFb-q3JkDATEuLq11su6QFMCN8erq4eXV8sNzkZoCSB36_Am32CzEmWSf0QkAgRjt7FTSMZJExDIiId3u9oBlNrNm1oY0kJqrrAEQ52HdJm-YND30namoYgoTpMqGUVh2s0eblMDHJ3WVjZ9nzKVxzA7YT7wI-I8nZJmE-iTTQxLe-X_e-rTIwzC1bxMZRUe1qwcAnoLxva-UkscNhcFaN2uTL12U3prwjemE5zAvwJb4ISUhZVT3fW_Z9tQMVV3jZ1g8yLdMz41M_YotN1Bzyq-j32fR1nGGluvQqt3nQaU7ZIPJGDyWqZp40h2Qnd_UM97dl5f9HqiXgIxPKoYRky2My0hKoAr2cnp3RMGZNyfDPwetOKMkfUudsvLaIJ4Sfeto6EqFKhytIHEmaZAB1vtO9gOYc5xFpjILqWmqLU2UZuivrzdJnQR0OWFi053OVAqmJzHFxfTHo9q__6O2sMec_tuGi--e3Xte7gaiQIZVIp3VBpTOlfA-M5KJfwt5z9HfYFJVZveWNSF2wAmMu0zvOdq1Z0tSBMfForRSubc8DR5VsQqnD9ZpGsjwggTVsWqX1S86Bmsn25PF_T6pVPfFA3XZjFbu7tIPVAfw43iw8BR2wCS06Fwk_eR-Sr36sQR_iiGc0JG9u1h8PeVvWIi1Hb4pVpRcKHmhFOP9YR2Mx5qndQ0Y5xZgV7FmW4qtdJHLykuf-S_LlyMbkdVUYn1WuV0AIIqipjKiWgEKczLs0AGYJNKrkRLw6YC8mz5ezfYLQLq-n8JwcB0TygaRyjx2L6Odr0YYjgS2-aq9UwYYGQxz4-s6YXbLsP0EY26w7tXl7I9QODtQ-WVxf1E-iLhOqwtRBeqbEGGzYJGe5DMCsh_SlUeM2Va2J9NUzvW7pTmnLyBTfheoktJgOwzlWAoLWVTKxHwFBCxcaoPnK-aggDLNhdIgMNwcYEi-3oaZuP3lcUi9i7p1_20dNM8H9qtnMXsejMDB2we2gyJ4OHgGlfV2sdwoeiAQ0T5UhgoikpCSARnIjRE

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC56 0
56 B 16ms
16ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BLo0Nl49LYameI7KKjuwPku6voAIAAAAAOAHgBAI&bg=!cnGlcTXNAAZWaDWkVmg7ACkAdvg8WiFOVoDZn6UDsSih5GLGjPtmSsvsOwp7rL9dLlsDyNFeMkfldAIAAAD8UgAAAAtoAQeZAwy90VCYnGhp5DTPi0cLsJlNRc74cUmxleUIdfK5ByQaa5Xn6WOPLeO569Sk70NqNXSHOv-XmX5XdTrvD2XoDLmqpjcwLsOeBH__DxKu7ggak2rJFg9-APpni6Jqtc2fkCZzr7zL4KMB1y3JPxTmyAVuoR7HXfBxvOTg4Ys3kpgUV157dZvmnuHWF0ttL3-7rgrVORaZnapQ4IZHTN7-IZ28FERCA22fZGCOsZuAw5IOq_0nZJbGfAtww_f_8VcU2VJ7HhTCECLa9LUbfcCmqJkV1zow1_2atDcpH74frABi_FDW7Zqq8KxxXgmqmkmnxOyASS1t9wME_t8A7AQ1DarTZYFBC4xfI6Jb7WntBymhir52SQkrxbnJx7SmJUx7gZhSYyGxpY1TUwD2tTcoy8sG41ezhQqBeIWYeWnUNCaWewCuGP5IgnN03_-z8nD4DQVLDkcd_Puno2L9H0Bt7LmDHamImQwRg94wXkD_YoLADvEj1KlLJGjes570JOzenK2rnaIGRkI0cDfhPIwlPkx6S98WluBHv8Oi4qb1iXgdq1zwLlW75pZyUquYjzmFb_ZTWQp5H0C2JqlPkXNqOuoZnRuWhi_RE-gNQ0DKC19T3PKmi6s3CHe9NwEANm3Ut2O4YK09exIhrhL_wiLDIvIFBQblptL8lsj1zCHN6ffRO_awb8DCyy-jUH6-a0oappjabBDcuAmX1qZaomp9jglJ8lZgebhp6ADsl_8cRpVk8CS-n63ZAjWelVooH9eIDe6DNih_uFis9qLsP9PN2nMkxelfnxCCXU6nfO8E3QTiCsG4MMrWUwJcysNRd5JDZeZCMJ4ndk2RpW0tv5fbhOoHUkB2NKwxQ-gAV8qSglZnQbnSfs7MFkSeogtPor5fAbRY2ZnTZKgE8rRtZ_ZhtSKPZdrOaDxa14LCQPpjRTnU2WX02zCR7m1VqEA_VmI32ngBq1o6nZQvgHPm0Sq3eEu3ZGWpxkaCNIwLj01z_JIfi5wpVqjz4V4ecSSR6K-gNpoclWQrfGtwyL_pAH8

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DcmEnabler_01_245.js Show response
s0.2mdn.net/879366/ Frame A2FC 28 KB
10 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10350127/1623936663589/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10350127/1623936663589/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 13:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10285
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Sep 2021 13:28:41 GMT

GET
H2 200 1084a50b73c9613b95e05c012b8366dc.js Show response
s0.2mdn.net/sadbundle/4508555922903266927/ Frame 861D 71 KB
18 KB 7ms
7ms Script
application/x-javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/1084a50b73c9613b95e05c012b8366dc.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebc367bcdd2873f80bae9d08b1d6316d0d158241e5f1a6ad843e094c8be6cb1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 08:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18383
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 08:47:37 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F9F2 0
23 B 33ms
18ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 22 Sep 2021 20:18:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 342b3ad099d1206643171867e9ec3e46.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 6 KB
2 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/342b3ad099d1206643171867e9ec3e46.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

633ff8da1bc38b48c5c96bf180889d32dc151df8ddc1e6b848c80762ef1e3250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 08:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128045
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2111
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 08:44:27 GMT

GET
H2 200 8390b93a9c186729ed2345d9fd812a5e.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 1 KB
668 B 8ms
5ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/8390b93a9c186729ed2345d9fd812a5e.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b0d0396320f78f4a0371e6d58014dda2c73a95bd5683450465e6030e564539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 06:40:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 574
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 06:40:11 GMT

GET
H2 200 88a850981629dc607bb3c50dd9b3665d.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 796 B
548 B 10ms
7ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/88a850981629dc607bb3c50dd9b3665d.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a5249886653b630dee050e6934a371610a6ab81243b36fadc37730c909eabc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476115
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 452
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Sep 2022 08:03:17 GMT

GET
H2 200 9b16023982f0585b2adc7163f725c742.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 5 KB
2 KB 13ms
10ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/9b16023982f0585b2adc7163f725c742.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84cfe81c7b675808917d7d014eef40275b0001364c5abadf15fc8cd27397bb5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 22:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1687
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 22:02:49 GMT

GET
H2 200 eab840bc6ee1119a139b4f734d1fdb50.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 1 KB
565 B 14ms
10ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/eab840bc6ee1119a139b4f734d1fdb50.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c268fc5ce52b646b09f65d4f0f1b1749f9f94ca7854fd45072fa8cd2f45b0798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268388
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 17:45:24 GMT

GET
H2 200 73048b86a86de7bedbb62c23af6da7df.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 4 KB
2 KB 18ms
14ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/73048b86a86de7bedbb62c23af6da7df.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcc28cabdb870eb9d1397edfbedd60151959559bfe87be2cb75e09bff5ca41de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 22:02:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1524
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 22:02:49 GMT

GET
H2 200 4e556d550f2695d06b7cf16e16015af9.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 936 B
421 B 13ms
10ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/4e556d550f2695d06b7cf16e16015af9.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d59572b7482e805e1e1fa211d3194d35a961b1bc654bc2bf0199e65ac2f23e8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 08:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 476115
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 354
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Sep 2022 08:03:17 GMT

GET
H2 200 dcf0ff08305962765617ec8aab99f5c9.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 664 B
474 B 18ms
13ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/dcf0ff08305962765617ec8aab99f5c9.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b04c7dea40d8f0e0ef9b5561940becdedf9c2252691a5453d25f906ed94864c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 04:28:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229776
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 375
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 04:28:56 GMT

GET
H2 200 6e72533e724fb638eb4b4f1e5e7b49b8.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 252 B
298 B 17ms
13ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/6e72533e724fb638eb4b4f1e5e7b49b8.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fdc88ccc0e10bbc87372fd245028d17169e9b3576713c2f20ac7fc90c3fa299

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 13:47:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 455487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Sep 2022 13:47:05 GMT

GET
H2 200 0e96a7c24fd4b20d9b9dcd872a4d9ca2.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 2 KB
1 KB 17ms
13ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/0e96a7c24fd4b20d9b9dcd872a4d9ca2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e500f39a8b6996962214b7bb2d37a9e52e3b36c3113279beeccba9168adffb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 00:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 982
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Sep 2022 00:53:26 GMT

GET
H2 200 6b41b62869b39ed8239e5eeebc9b7096.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 1 KB
713 B 14ms
11ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/6b41b62869b39ed8239e5eeebc9b7096.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fe40a0fd2a9b337440874c1aad58bff0f153d952da7f83dfacb9303b6771350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 03:53:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 145494
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 619
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 03:53:38 GMT

GET
H2 200 20cd3c9c87a3dcad42074ff89b4391e0.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 8 KB
2 KB 16ms
12ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/20cd3c9c87a3dcad42074ff89b4391e0.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 06:59:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2458
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 06:59:42 GMT

GET
H2 200 8cc05b6ea379ae3ce855c8e91d3a6a6f.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 3 KB
2 KB 16ms
13ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/8cc05b6ea379ae3ce855c8e91d3a6a6f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5515223ac2cb272d4dcf91a4aefced55a3d51bb3207cee2f11fae692b8dbabc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 12:19:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 460738
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1505
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Sep 2022 12:19:34 GMT

GET
H2 200 aaeae5592a41b6cd27787062b1d6eeb9.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 3 KB
1 KB 15ms
12ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/aaeae5592a41b6cd27787062b1d6eeb9.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

396ba6baecc7e52df5599ffdc5f55c87c8969d7b4cde477f6ca9bda366e183ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:03:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 486930
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Sep 2022 05:03:02 GMT

GET
H2 200 d06417b172417aef6815e6c350139607.jpg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 3 KB
3 KB 14ms
11ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/d06417b172417aef6815e6c350139607.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aec6ab050597b79eb2a99674bd2dabab7aa591a39a11611fedac3e68a2cb87a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 04:56:56 GMT
x-content-type-options: nosniff
age: 487296
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2607
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Sep 2022 04:56:56 GMT

GET
H2 200 9df77a337f3145b390840724585d64ce.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 3 KB
1 KB 15ms
12ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/9df77a337f3145b390840724585d64ce.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c300b3c2b03066424f6ca0b34b91ee8e372d67d0e9a376cbf14be081bf48653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 00:53:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 588306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 955
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Sep 2022 00:53:26 GMT

GET
H2 200 232b6f6f4921d2fb5ebd202d50cd7586.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 2 KB
785 B 13ms
11ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/232b6f6f4921d2fb5ebd202d50cd7586.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49c18b08b36cf4c3a57f57f5d98024135b7ea6b3626d4067aef31ab1101d285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 17:45:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268388
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 721
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Sep 2022 17:45:24 GMT

GET
H2 200 Frame_Mobil_728x90_EN.jpg
s0.2mdn.net/10350127/1623936663589/ Frame A2FC 17 KB
17 KB 13ms
13ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10350127/1623936663589/Frame_Mobil_728x90_EN.jpg

Requested by

Host: 005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
URL: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67d7c3c98d81c80393216d0fe04ec5ea94104cff13d2675a7515c78a2f49343d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10350127/1623936663589/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 04:42:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Jun 2021 13:31:03 GMT
server: sffe
age: 56182
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17492
x-xss-protection: 0
expires: Thu, 23 Sep 2021 04:42:10 GMT

GET
H2 200 b73db3884cabb8e89c3a7b05d585f3bf.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 3 KB
966 B 7ms
7ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/b73db3884cabb8e89c3a7b05d585f3bf.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac20d5066298115f37da2bec1b3df1cd13a7204ff6f0d21202d982022db845b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 04:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229650
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 863
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 04:31:02 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame AE2E 0
23 B 18ms
18ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: bg.onpointpublishing.com
URL: https://bg.onpointpublishing.com/womans-masturbation-guide

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 22 Sep 2021 20:18:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 6ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210922-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 2545
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by: cache-fra19125-FRA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1632341912.496196,VS0,VE0
date: Wed, 22 Sep 2021 20:18:32 GMT
vary: Accept-Encoding
x-amz-request-id: X0T5G34XC8D2QGE8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 15
x-cache-hits: 15827

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2FC2 28 B
342 B 21ms
21ms XHR
application/json 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/202721c6/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1
X-YouTube-Client-Version: 1.20210919.0.0
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtCREdZSDZVYXh1cyiWn66KBg%3D%3D
X-YouTube-Ad-Signals: dt=1632341910348&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C743%2C418&vis=1&wgl=true&ca_type=image&bid=ANyPxKp6s9VIIzQTORg3i-b5P10wvqYgXKVzXvmFH7lJteJND0yo4wib1zLG4vDGZlxPKPexlyVT5D0iBgsBXcDRW1VaDdBJfw

Response headers

date: Wed, 22 Sep 2021 20:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 22 Sep 2021 20:18:32 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
128 B 7ms
6ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:32 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19140-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://bg.onpointpublishing.com
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 408ms
84ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=17390062-fdc5-4971-bf50-330fb0122ab7-tuct8451516
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 22 Sep 2021 20:18:33 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AE2E 42 B
108 B 22ms
22ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstinJwtMsHAn1bJ6f5DWKeTSIfwluLtskNpEyHc_0dvMRCBd4WnKt10FaB_nF6BT0L1BpRpaN3ji-HVa_q4GZL00yAenKqlHxzSxJ9tJ8xBx6d7UPYSXQ&sai=AMfl-YSTQ4pPqujpWTaaC0fXDDruiIqiT4WGviIRbNdagmOd4pYgsLQi0hVZB7kzBFEJa0hIFVVZ7CtkcvodhlJxJrf0oc5bvkaVUg0hC3VBlKgrZ-8wh0M_LTIiWQun&sig=Cg0ArKJSzIeoyFWs92W9EAE&cid=CAASEuRoL3ajHtEY7ypi9EwBh7dwIg&id=lidar2&mcvt=1000&p=1110,436,1218,1164&asp=1110,436,1218,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210920&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&app=0&itpl=20&adk=2997148638&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632341911389&rpt=562&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F9F2 42 B
174 B 20ms
20ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGIa8i510UQH5KsnO1n92TjOLT17qEmtnZEwjhBGklpNpxBeWDMXdQY8vDHkWlw9MALx__Svf_rHXwGlOSHGjsfFwZsRUjqZCGtj5ahYESn_06FZ6lJQ&sai=AMfl-YQa2g9cBw__QY96EiZY0D9r8VUT2SFm_G8vrhtGX8bBOm1JHD0AapTzk7rrU6L33oOx0w7Ab25LDxi1GHyAvHaIadw339gHCAu2IaR0GCIrSy2gZqTWKPH2ElM&sig=Cg0ArKJSzGaa1bpRx82WEAE&cid=CAASEuRoXQzjbQPlOv0CfNjD5jgQtQ&id=lidar2&mcvt=1002&p=1010,306,1100,1034&asp=1010,306,1100,1034&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210920&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1383691803&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632341911203&rpt=767&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Sep 2021 20:18:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

verizon_video
prebid.a-mo.net/setuid/
Redirect Chain

https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9
https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&verify=true
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&apid=UP42e0cc46-1be2-11ec-b823-02d121a62cd4
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&apid=UP42e0cc46-1be2-11ec-b823-02d121a62cd4&verify=true
https://prebid.a-mo.net/setuid/verizon_video?uid=UP42e0cc46-1be2-11ec-b823-02d121a62cd4&gdpr=0&gdpr_consent=

0
132 B

85ms
85ms

Image
text/plain

147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/verizon_video?uid=UP42e0cc46-1be2-11ec-b823-02d121a62cd4&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:33 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

Date: Wed, 22 Sep 2021 20:18:34 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://prebid.a-mo.net/setuid/verizon_video?uid=UP42e0cc46-1be2-11ec-b823-02d121a62cd4&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4a1561ba-27b5-4c8c-b079-bb16bc42e9d9%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=appnexus&uid=2411632403226536070

0
159 B

85ms
84ms

Image
text/plain

147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=appnexus&uid=2411632403226536070
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:33 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 20:18:33 GMT
X-Proxy-Origin: 78.47.208.27; 78.47.208.27; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 75f71dc2-490e-429f-8456-750f6b5f0cb5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=appnexus&uid=2411632403226536070
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4a1561ba-27b5-4c8c-b079-bb16bc42e9d9%26D%3D%26bidder%3Dindex_rtb%26uid%3D
https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=index_rtb&uid=YUuPmPtHxOc.0p7cAjVp8gAA%261121

0
147 B

89ms
89ms

Image
text/plain

147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=index_rtb&uid=YUuPmPtHxOc.0p7cAjVp8gAA%261121
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:34 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 20:18:34 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=index_rtb&uid=YUuPmPtHxOc.0p7cAjVp8gAA%261121
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 321
Expires: Wed, 22 Sep 2021 20:18:34 GMT

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4a1561ba-27b5-4c8c-b079-bb16bc42e9d9%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4a1561ba-27b5-4c8c-b079-bb16bc42e9d9%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=pubmatic&uid=C0B5BFBD-BF75-462F-9215-FA184804FFFD

0
130 B

153ms
152ms

Image
text/plain

147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=pubmatic&uid=C0B5BFBD-BF75-462F-9215-FA184804FFFD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:33 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 68
server: envoy
vary: Accept-Encoding

Redirect headers

location: https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=pubmatic&uid=C0B5BFBD-BF75-462F-9215-FA184804FFFD
date: Wed, 22 Sep 2021 20:18:32 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4a1561ba-27b5-4c8c-b079-bb16bc42e9d9%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D4a1561ba-27b5-4c8c-b079-bb16bc42e9d9%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=sovrn&uid=94c1e3818d7d70692797d79c

0
121 B

85ms
84ms

Image
text/plain

147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=sovrn&uid=94c1e3818d7d70692797d79c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.onpointpublishing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 20:18:34 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
vary: Accept-Encoding

Redirect headers

Date: Wed, 22 Sep 2021 20:18:34 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://prebid.a-mo.net/setuid?A=4a1561ba-27b5-4c8c-b079-bb16bc42e9d9&D=&bidder=sovrn&uid=94c1e3818d7d70692797d79c
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2sea1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 200 b73db3884cabb8e89c3a7b05d585f3bf.svg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 3 KB
941 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/b73db3884cabb8e89c3a7b05d585f3bf.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ac20d5066298115f37da2bec1b3df1cd13a7204ff6f0d21202d982022db845b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 04:31:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 229655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 863
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Sep 2022 04:31:02 GMT

GET
H2 200 d06417b172417aef6815e6c350139607.jpg
s0.2mdn.net/sadbundle/4508555922903266927/media/ Frame 861D 3 KB
3 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4508555922903266927/media/d06417b172417aef6815e6c350139607.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aec6ab050597b79eb2a99674bd2dabab7aa591a39a11611fedac3e68a2cb87a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4508555922903266927/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 04:56:56 GMT
x-content-type-options: nosniff
age: 487301
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2607
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 13:14:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Sep 2022 04:56:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/lY8uLpdZuiM?modestbranding=1

Domain: onpointpublishing.com
URL: https://onpointpublishing.com/template/fonts/fontawesome-webfont.woff?v=4.0.3

Domain: onpointpublishing.com
URL: https://onpointpublishing.com/template/fonts/fontawesome-webfont.ttf?v=4.0.3

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.go5s.biz/	1970-01-19 22:08:53	Name: uuid Value: 45c30b1a-0df9-4a66-9d68-a773db223a32
.lib1.biz/	1970-01-19 22:08:53	Name: uuid Value: 01e696e2-284a-4827-8638-c07ed5b026fa
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: gjW6oK9qW7k
.youtube.com/	1970-01-20 01:44:53	Name: VISITOR_INFO1_LIVE Value: BDGYH6Uaxus
bg.onpointpublishing.com/	1970-01-20 06:11:17	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D17390062-fdc5-4971-bf50-330fb0122ab7-tuct8451516
.doubleclick.net/	1970-01-20 06:47:17	Name: IDE Value: AHWqTUkU9nLVXR-bj5dlXluIEcrBYOpHRLId6E9ye6iVlNNWRIy4m4d0aB3e9pji
bg.onpointpublishing.com/	1970-01-19 22:08:53	Name: _pbjs_userid_consent_data Value: 6683316680106290
bg.onpointpublishing.com/	1970-01-20 06:47:17	Name: cto_bidid Value: ZM0T1F9Dd2lEZnVwb0pQUSUyRjZWdkZpNGwlMkJtSk1wUlVvejNGdU5TS1ozVW5pV2VDd2YzOFklMkZabUZ4UXZhTkljWk9Pa3h5Y3JUVmgwTFdMczF6dDhsRGdEaWxTSlR4VTFKOEZ3JTJGRThSWkpJSjRBdldJJTNE
bg.onpointpublishing.com/	1970-01-20 06:47:17	Name: cto_bundle Value: DdUZ3F8zWWRrNkNrTnJhcU9CR2RVOWNSd202S2tsZ1gyWkMxQSUyQjhaUzdzOVdROUwzcnpnQ1ZqZ1g3ZXc3NmE4WnZ2QUVyNmpvRHZSZzhUeFV1eWZOJTJCSiUyQkhzaHBhdUhpa0lxaDhFWm1nWGNQY3U0WiUyQlpIcVE4S21GVSUyQkgxYk56a2dxb0w
prebid.a-mo.net/	1970-01-20 06:11:17	Name: __amc Value: 1_1632341910_1632341910
.a-mo.net/	1970-01-20 06:11:17	Name: amuid2 Value: fed234df-7407-49cc-be24-16c4af5d21a2
.onpointpublishing.com/	1970-01-20 06:47:17	Name: __gads Value: ID=821bf748c1d758a7:T=1632341910:S=ALNI_MZOLi_21YNPUJ7NkIKFA5N_gn_gTQ
.adtriba.com/	1970-01-20 14:56:53	Name: atbgdid Value: cc3a7f69-dec2-4440-8c8f-bf8c9cffc45a
.openx.net/	1970-01-20 06:11:17	Name: i Value: ed20e276-b21a-4ad8-b788-525436c6b3d8\|1632341911
.360yield.com/	1970-01-19 23:35:17	Name: tuuid Value: ecdd8e6f-107a-4651-a24e-f7f9c5ea6521
.360yield.com/	1970-01-19 23:35:17	Name: tuuid_lu Value: 1632341911
.adnxs.com/	1970-01-19 23:35:17	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU(moq5^!]tbPl1M>e)ZlrFUfJ+tGXxoeMX4)3AfM[L>S_?3QL@vrG7)/t_/%$0qfpctbpRzqF1`b`=z?=gO
.blismedia.com/	1970-01-20 06:11:21	Name: b Value: 614B8F9727BB833CA97482C6BLIS
.ads.avads.net/	1970-01-20 07:06:01	Name: av-mid Value: 3ddaa181-91ae-480a-839a-d73a7ec8233b
.ads.avads.net/	1970-01-19 21:45:51	Name: av-tp-gadx Value: 1
.de17a.com/	1970-01-20 06:04:05	Name: guid2 Value: 1.709614157988651976
.mts.ru/	1970-01-20 05:58:20	Name: dspid Value: 32f032c2-2883-425d-aa2b-656cc6a25ba9
.adnxs.com/	1970-01-19 23:35:17	Name: uuid2 Value: 2411632403226536070
.media.net/	1970-01-20 06:11:17	Name: visitor-id Value: 2753435125631547000V10
.media.net/	1970-01-19 21:45:51	Name: data-g Value: CAESEDEVFA8W072bV47NCKswfcs~~3
.media.net/	1970-01-20 01:52:05	Name: gdpr_status Value: 1
.mts.ru/	1970-01-23 11:49:41	Name: mts_id Value: 1284491f-5ba4-4497-a140-a44d169e60dd
.mts.ru/	1970-01-23 11:49:41	Name: mts_id_last_sync Value: 1632341912
.tribalfusion.com/	1970-01-19 23:35:17	Name: ANON_ID Value: acntmIr2PKcFuYnRYa7XsVcZcTZdvZbpTbgChodqolb4MpvEh1rlGmavjKe79vZbY8cufx0TaM0UvtRBpFyiaHQXR34w
.casalemedia.com/	1970-01-19 23:35:17	Name: CMPS Value: 3176
.casalemedia.com/	1970-01-20 06:11:17	Name: CMRUM3 Value: 2d614b8f982760CAESEC08lRIgH5w4hHIgx9sIM5g
.casalemedia.com/	1970-01-20 06:11:17	Name: CMID Value: YUuPmPtHxOc.0p7cAjVp8gAA
.casalemedia.com/	1970-01-19 23:35:17	Name: CMPRO Value: 1121
.pubmatic.com/	1970-01-19 23:35:17	Name: KTPCACOOKIE Value: true
.advertising.com/	1970-01-20 06:12:44	Name: APID Value: UP42e0cc46-1be2-11ec-b823-02d121a62cd4
.pubmatic.com/	1970-01-19 23:35:17	Name: KADUSERCOOKIE Value: C0B5BFBD-BF75-462F-9215-FA184804FFFD
.prebid.a-mo.net/	1970-01-19 21:26:03	Name: plur_sv2_0 Value: 1632341914
.yahoo.com/	1970-01-20 06:11:39	Name: A3 Value: d=AQABBJqPS2ECEJJfQJqD8jVk3bm73aYtbG4FEgEBAQHhTGFVYQAAAAAA_eMAAA&S=AQAAAnM_Y1B030Rws1tCjW9xi3k
.analytics.yahoo.com/	1970-01-20 06:12:44	Name: IDSYNC Value: 194a~20jw
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP42e0cc46-1be2-11ec-b823-02d121a62cd4
.yahoo.com/	1970-01-19 21:27:08	Name: APIDTS Value: 1632341914
.prebid.a-mo.net/	1970-01-19 21:26:03	Name: plur_sv2_pubmatic Value: 1632341914
.prebid.a-mo.net/	1970-01-19 21:26:03	Name: plur_sv2_verizon_video Value: 1632341914
.lijit.com/	1970-01-20 06:11:17	Name: ljt_reader Value: 94c1e3818d7d70692797d79c
.casalemedia.com/	1970-01-19 21:27:08	Name: CMST Value: YUuPmGFLj5oA
.prebid.a-mo.net/	1970-01-19 21:26:03	Name: plur_sv2_2 Value: 1632341914
.prebid.a-mo.net/	1970-01-19 21:26:03	Name: plur_sv2_3 Value: 1632341914

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://bg.onpointpublishing.com/womans-masturbation-guide Message: Access to font at 'https://onpointpublishing.com/template/fonts/fontawesome-webfont.woff?v=4.0.3' from origin 'https://bg.onpointpublishing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://onpointpublishing.com/template/fonts/fontawesome-webfont.woff?v=4.0.3 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://bg.onpointpublishing.com/womans-masturbation-guide Message: Access to font at 'https://onpointpublishing.com/template/fonts/fontawesome-webfont.ttf?v=4.0.3' from origin 'https://bg.onpointpublishing.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://onpointpublishing.com/template/fonts/fontawesome-webfont.ttf?v=4.0.3 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2RkYWExODEtOTFhZS00ODBhLTgzOWEtZDczYTdlYzgyMzNi&google_push=AYg5qPI0IX66ldhreLMzNndy8i7nBKze7_5k06qJzQDYzHY4JxHz58qaCyyXNb4V3Rcw3zHhG3AKtBi0lFyeYI6GEAFJintGATHk1w Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

005eaadf3e8c2ed1da21e1e0ce5446e1.safeframe.googlesyndication.com
a.tribalfusion.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
bg.onpointpublishing.com
cc.adingo.jp
cdn.jsdelivr.net
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
code.jquery.com
cs.media.net
d.adtriba.com
d5p.de17a.com
dsum-sec.casalemedia.com
fonts.gstatic.com
get.optad360.io
go5s.biz
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.ytimg.com
ib.adnxs.com
image2.pubmatic.com
images.taboola.com
js.wpadmngr.com
js.wpshsdk.com
js.wpushsdk.com
lib1.biz
match.360yield.com
mug.criteo.com
na.nawpush.com
notification.tubecup.net
onpointpublishing.com
pagead2.googlesyndication.com
pips.taboola.com
pixel.advertising.com
platform.twitter.com
prebid-eu.creativecdn.com
prebid.a-mo.net
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
sm.rtb.mts.ru
ssum.casalemedia.com
static.doubleclick.net
syndication.twitter.com
tech.rtb.mts.ru
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
ups.analytics.yahoo.com
vasgenerete.site
www.google.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.youtube.com
yt3.ggpht.com
cm.g.doubleclick.net
onpointpublishing.com
www.youtube.com
104.105.231.116
104.105.231.167
104.244.42.136
141.226.224.32
142.250.181.226
142.250.185.130
142.250.186.130
147.75.38.124
151.101.1.44
178.250.2.146
18.156.147.57
18.156.99.44
185.184.8.65
185.33.220.241
185.64.189.110
188.166.135.13
2001:4de0:ac18::1:a:2b
213.155.156.167
213.174.135.24
213.174.135.25
213.87.44.187
217.66.147.165
2600:9000:20eb:4e00:1b:5138:8a40:93a1
2600:9000:21f3:e000:11:a4de:2580:93a1
2606:4700:3035::6815:30c3
2606:4700::6812:d05
2606:4700::6812:ea1
2a00:1450:4001:809::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2016
2a00:1450:4001:827::2003
2a00:1450:4001:827::2006
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a02:2638::1c
2a03:2880:f22d:1e6:face:b00c:0:4420
2a04:4e42:600::485
3.126.56.137
34.96.105.8
35.186.253.211
37.157.6.246
51.15.19.93
52.198.4.47
52.29.24.121
63.251.14.3
88.198.186.100
93.184.220.66
0056fc70e9e9ef6b04d00a0efc1fec72609bfbe74c1e26c447562dc735961288
016eda8d16f5d1dbaa1c84d247bc5efc35638ec20b69376dfcaabbc9ec56b397
08bc8be0b0f515e23093593d38aa82e4f71aed106d011d70ff1d206c45d9ad68
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fc4119bc1cbfb84c3decc599049a609d37530c85c6272d2babb5e6f8aea51d4
11abdf36f27542d5d3598f37a47c82eb0b48fed6af5e5dd1901bbdd0aa9a9f71
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127fef9bff9c4a7bd820146a3785bf8c7d3c5dbf48dd087f2e0f1d91a25e32c3
14a3d13ae29be549cdd38b507775a85b81aaa8184f958217c709b53c12b39734
1530691d7096753c4a33ff3d11be983fbec896774cffe9a3555c2c81e6f18906
15f044325e8f1d2960c2af2fed3ab540b9bc06baaa1b85bcc980c1e3a505a0c8
16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba
18c864956bf2492c5c86e79b0fec65f0ecbb4b02bfdcfe854b2c5501857fecdb
1bc3457dfe52f627da8e6011b2fd916e7f0aa568daedd270bdb5f989f4dec7bd
2300a2f9de065fa8f1e2b000b96ba68a7842fb2124836521de0993dd2619a603
26ab4ca42037367230d71916b5b2e877ac52b18a3860736369d6e5b32fa178c3
289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2f6a3511472d75e0a1c1fa830124b68279af32e7f37d7899257134c259c6ea3c
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
34b0d0396320f78f4a0371e6d58014dda2c73a95bd5683450465e6030e564539
375ed48cd9e95d6226f860a4e264e95d284f7f2e1afd3e273a487b523a4667b3
388434400a9fb7bc28c3dc7e9394e3b0a208a9b275b7116429f4390b101e9c6c
396ba6baecc7e52df5599ffdc5f55c87c8969d7b4cde477f6ca9bda366e183ab
3b052b9dd389c7713e351bde6ff473c0719f525083c7f279f953c9f1c9c05549
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4720daad8daba83ee3b0e5e453f6b9d6d021b2ed5ef662c7dd801998c133b96d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c300b3c2b03066424f6ca0b34b91ee8e372d67d0e9a376cbf14be081bf48653
4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fe40a0fd2a9b337440874c1aad58bff0f153d952da7f83dfacb9303b6771350
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52c41152c7916b4cf3b3a90f790faa0ba7f746603671e286531bc50407d844ca
53b359e15f0cd877e316e6d904acb525be66284cf165ea2268f799ff621404ec
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
5515223ac2cb272d4dcf91a4aefced55a3d51bb3207cee2f11fae692b8dbabc4
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
584297e6d4c72078e129654362a9a7d2ee3141a1d68e396107f42cd363f2b320
58e76fa97e4cac459a9fc344f9d0d3d355bf6e0bde0e1e3c762beaa36561e5bd
5ae996ae0bf157d7574024452bbbccdc7ec5f7ee1de15e5bf774026ddb2ea386
5c548c151337a815c681c21526d74a2a18d333af03de18c3416b7ecbec5efa49
633ff8da1bc38b48c5c96bf180889d32dc151df8ddc1e6b848c80762ef1e3250
65407d82aac3293464fc6f9afff84e21727605331785c8d999ec06de3b0cd669
65d2bfe503cc1e8b0174b05d438f234c439137c1d08b3a282f552b5c43b0245c
67d7c3c98d81c80393216d0fe04ec5ea94104cff13d2675a7515c78a2f49343d
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6ac20d5066298115f37da2bec1b3df1cd13a7204ff6f0d21202d982022db845b
6fc0154a9a3bb9f72d51c7dc2438412bf3e5b7fd637af7947d78ba3260e20d21
70e05dc4158dd9c1b66fd86cae9f774f1b12085180ce4569b9a2e4d1b95b7f84
7195c4763ed26ac25f6be1726145b11ee61f5d27468605eb56a6c0823d101673
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72c2003e8b9edfad1ff1f47f6e33ba78f8ba190b0eb5d104b6f1228848c39ff2
72c561fa658c163b0d597cc2eadd3cedca62712ef8aab4d7a1dcff790e60fa94
775e2a6b75cdc64a768d6ed37a8ec5817950417aa0136b8816c2f734cd924a65
7a5249886653b630dee050e6934a371610a6ab81243b36fadc37730c909eabc2
7c3280ca5d2a4e13b5c5be308521eed9ab320898e6be91047a3a103ae5f6d194
7d55b395bdb8a19fe05b3003f8171c1ed050dd8896afbbbf1d8b209ab9442273
7e0944e7a05c46874c070b1f110e6b6ae2fea5ba0c07919c983616ee2311a7e0
7e73f6788179424a7cc23fbb8702451c4fbe2fd2fedc0e5537859a47f61990d5
7f40d7edadbaea23653f0ae4c003f2db45b25fb6641fe168d2775985eade67a7
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
80de47821654fdda2f463506ec525ef1e5f3788e5aa8638793034fe79162935e
84cfe81c7b675808917d7d014eef40275b0001364c5abadf15fc8cd27397bb5e
89415187dc8fa00e52f6bd5c57dc3ddb3a479991a774aa18edde206c14ce6295
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
90c4279f2c5fb35a5913bb2f9155e1a7a88ff31c0bc642ee6f05079dd6b5eaad
91dc970a935475a9d44d404e0016b8bf959eacaf48e7b649097cbdfc77b11514
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aec6ab050597b79eb2a99674bd2dabab7aa591a39a11611fedac3e68a2cb87a
9dff9c5d8bb8ff3117fe17757c275af96ca695dc60d7fb811331cb38815a91a6
9fdc88ccc0e10bbc87372fd245028d17169e9b3576713c2f20ac7fc90c3fa299
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e923950e195b355bf371207a6f78e007f5a52d3b632847940026f10b500779
a2be0acd831cfe9dacc6664a3a09a47adbf54c5ba09ba167a9fb4ec2cda61b19
a49c18b08b36cf4c3a57f57f5d98024135b7ea6b3626d4067aef31ab1101d285
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a802da1fed23cd109b20c06543b8d61b71ee03ed2ba569f1ff017e30f4212710
a923230515fe265da1f93fcd02d41e37ef4e6bc157358768313d7cb9e5efb7a6
a928d62cc973a65b9d5bf32000aa23b65e9d510931c8708f48ac870ff0d46142
ac09a4fc5a3e728500efae5b1e073a487dda8ca63098843ae6bf727292b5c21a
b04c7dea40d8f0e0ef9b5561940becdedf9c2252691a5453d25f906ed94864c5
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b49f9c1fdfb1d6199509d3d33ceb8c3355f15f8f12f9e97be20c8616d375be7f
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
ba75435e8fa054bd6560f26b95da7c6617ca171631a07e2f23eddd654c5f13f2
bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6
bcc28cabdb870eb9d1397edfbedd60151959559bfe87be2cb75e09bff5ca41de
bd5d189901092f36d382a5cd39053f8c5aa2dbc40032dc3f539555ef6ce95280
c268fc5ce52b646b09f65d4f0f1b1749f9f94ca7854fd45072fa8cd2f45b0798
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c78422ddf3ce9f9c6ac241ed99e02f478ec35328e3d9e009bba9eb91579f19d2
cac9bd40b1e8b4a03d3fc32024dcaa0736af5916ee170acaae67407ead453a36
cfa68ca86160bf2554b971a0c831241f437613c9719ce49e8553d5b768150350
d13b828524033b9a73c68df3bf063d050d264b970d6292f5a177f885a27e6792
d246d268ccbb30f7aadd23581fb30e4e790b9570fe1906c8ecbaa451427dc283
d3c7ce759838ce8c3ad196db890ebbfbbdf7499177e4c587014ccef302ea0eb6
d54369c696c2898cbca2c1ebcf4594d0087679906c3741db1becdf452c983194
d59572b7482e805e1e1fa211d3194d35a961b1bc654bc2bf0199e65ac2f23e8e
d7a0b5f26abc2ee8452715addae1516723a88843bfb0a8b80537f4c334caf22d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de68552421265980f728f7b8a5259de8a42d740ea2dab9d06fb1d2052f3f0227
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df1888e36c5b6536f93128bee9578f2bc54465503c4396c3b13a9441bf687828
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e500f39a8b6996962214b7bb2d37a9e52e3b36c3113279beeccba9168adffb3d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e75aeb6e02450b64e65a159d15de0dbcaebeb5f2c1874c3e1f6b2b4dfa5ebecc
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ead2196501a872207bc9d488eac18dacfcce8d2e9d14ce9ef69f75ef83780227
ebc367bcdd2873f80bae9d08b1d6316d0d158241e5f1a6ad843e094c8be6cb1a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a9b2cd12147ecf9ab7990159384de752ad30fb5760d6dc0988c95f5e73d886
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f8aaf85139277e9bee632085d5612150f07941077d0483cfbeae790c0bbc880d
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95

bg.onpointpublishing.com Open in urlscan Pro 2606:4700:3035::6815:30c3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

183 Requests

98 %HTTPS

40 %IPv6

46 Domains

64 Subdomains

42 IPs

10 Countries

2433 kBTransfer

7447 kBSize

47 Cookies

9 Outgoing links

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bg.onpointpublishing.com Open in urlscan Pro
2606:4700:3035::6815:30c3 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

98 %
HTTPS

40 %
IPv6

46
Domains

64
Subdomains

42
IPs

10
Countries

2433 kB
Transfer

7447 kB
Size

47
Cookies

183 HTTP transactions
3 data transactions