randomgenerate.io Open in urlscan Pro
2606:4700:3037::6815:5653 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://randomgenerate.io/cpf-generator
Submission Tags: falconsandbox
Submission: On January 29 via api (January 29th 2024, 5:30:35 pm UTC) from US — Scanned from DE

Summary HTTP 476 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 96 IPs in 15 countries across 75 domains to perform 476 HTTP transactions. The main IP is 2606:4700:3037::6815:5653, located in United States and belongs to CLOUDFLARENET, US. The main domain is randomgenerate.io.
TLS certificate: Issued by E1 on December 27th 2023. Valid for: 3 months.

This is the only time randomgenerate.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	2606:4700:303... 2606:4700:3037::6815:5653	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:1e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:223... 2600:9000:223c:2400:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:225... 2600:9000:2250:ac00:a:e047:753:eb41	16509 (AMAZON-02) (AMAZON-02)
2	18.239.18.118 18.239.18.118	16509 (AMAZON-02) (AMAZON-02)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 8	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	18.65.39.47 18.65.39.47	16509 (AMAZON-02) (AMAZON-02)
3	18.239.70.203 18.239.70.203	16509 (AMAZON-02) (AMAZON-02)
3	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.26.8.178 104.26.8.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 4	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
2	35.158.201.105 35.158.201.105	16509 (AMAZON-02) (AMAZON-02)
2	185.106.140.18 185.106.140.18	7979 (SERVERS-COM) (SERVERS-COM)
2	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
4	185.86.139.96 185.86.139.96	201081 (SMARTADSE...) (SMARTADSERVER)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
2	2606:4700:440... 2606:4700:4400::6812:22b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
2	108.128.140.222 108.128.140.222	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	89.149.192.76 89.149.192.76	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
4	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 10	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	18.238.243.82 18.238.243.82	16509 (AMAZON-02) (AMAZON-02)
2	3.162.33.31 3.162.33.31	16509 (AMAZON-02) (AMAZON-02)
4	184.30.211.26 184.30.211.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
19 43	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a05:d018:d29... 2a05:d018:d29:3601:5088:283f:2202:9e4b	16509 (AMAZON-02) (AMAZON-02)
2 6	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1 1	35.210.239.72 35.210.239.72	15169 (GOOGLE) (GOOGLE)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5 8	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
50	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
24	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
4 8	3.248.239.255 3.248.239.255	16509 (AMAZON-02) (AMAZON-02)
1 6	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
7 11	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	64.233.167.154 64.233.167.154	15169 (GOOGLE) (GOOGLE)
4	2600:9000:26d... 2600:9000:26da:1600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 4	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f350:3:2... 2607:f350:3:2569:0:10:0:200d	27630 (AS-XFERNET) (AS-XFERNET)
2 2	35.214.243.225 35.214.243.225	15169 (GOOGLE) (GOOGLE)
26	2600:1f18:1ac... 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7	14618 (AMAZON-AES) (AMAZON-AES)
12	54.161.150.198 54.161.150.198	14618 (AMAZON-AES) (AMAZON-AES)
8	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:30d7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.35.229.251 23.35.229.251	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
42	23.201.243.14 23.201.243.14	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	188.166.17.21 188.166.17.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	23.212.88.20 23.212.88.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	8.2.110.113 8.2.110.113	46636 (NATCOWEB) (NATCOWEB)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.6.81.107 52.6.81.107	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.210.30.156 52.210.30.156	16509 (AMAZON-02) (AMAZON-02)
1	35.205.207.25 35.205.207.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
2 3	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
2 3	188.42.105.220 188.42.105.220	7979 (SERVERS-COM) (SERVERS-COM)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	34.248.213.243 34.248.213.243	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:236... 2600:9000:2362:ba00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.198.184.52 52.198.184.52	16509 (AMAZON-02) (AMAZON-02)
1 2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
4	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	204.79.197.204 204.79.197.204	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:6ea0:c70... 2a02:6ea0:c700::19	60068 (CDN77 _) (CDN77 _)
3	209.192.201.180 209.192.201.180	7979 (SERVERS-COM) (SERVERS-COM)
1	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 _) (CDN77 _)
2	212.36.83.245 212.36.83.245	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
1	98.98.134.243 98.98.134.243	21859 (ZEN-ECN) (ZEN-ECN)
476	96

49 2606:4700:3037::6815:5653 (United States)

ASN13335 (CLOUDFLARENET, US)

randomgenerate.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1e31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:2400:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:ac00:a:e047:753:eb41 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.18.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-118.ams58.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.65.39.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-47.ams1.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.70.203 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-70-203.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.8.178 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.228 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.201.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-201-105.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.140.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-140-222.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.149.192.76 (Bunschoten, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.96.124.156 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.243.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-243-82.ams58.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.162.33.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-33-31.cdg52.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 216.58.206.34 (United States) 19 redirects

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:5088:283f:2202:9e4b (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.214.149.91 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.210.239.72 (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com

u.ipw.metadsp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.171.85 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.3.20 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.248.239.255 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-239-255.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.64.151.101 (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.233.167.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:26da:1600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f350:3:2569:0:10:0:200d (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.243.225 (Groningen, Netherlands) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 225.243.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.161.150.198 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-150-198.compute-1.amazonaws.com

ads.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:30d7 (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 23.201.243.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-243-14.deploy.static.akamaitechnologies.com

dco-assets.everestads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.17.21 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.88.20 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.110.113 (United States)

ASN46636 (NATCOWEB, US)

as.ck-ie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.81.107 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-81-107.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.30.156 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-30-156.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.205.207.25 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.220 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.248.213.243 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-213-243.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2362:ba00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.198.184.52 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-184-52.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.79.197.204 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0005.a-msedge.net

analyticspixel.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

vid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 209.192.201.180 (United States)

ASN7979 (SERVERS-COM, US)

user-sync.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)

vpaid.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.36.83.245 (Sant Vicenç dels Horts, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb1.vdmy.dtic.es

a.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	googlesyndication.com 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	498 KB
70	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 Failed cm.g.doubleclick.net — Cisco Umbrella Rank: 260 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 bid.g.doubleclick.net — Cisco Umbrella Rank: 917 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594	413 KB
49	randomgenerate.io randomgenerate.io	500 KB
42	everestads.net dco-assets.everestads.net — Cisco Umbrella Rank: 6990	364 KB
38	adsafeprotected.com 4 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 1004 static.adsafeprotected.com — Cisco Umbrella Rank: 721 dt.adsafeprotected.com — Cisco Umbrella Rank: 719	715 KB
13	everesttech.net 1 redirects ads.everesttech.net — Cisco Umbrella Rank: 6903 sync-tm.everesttech.net — Cisco Umbrella Rank: 716	97 KB
13	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2221	384 KB
12	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 581 eb2.3lift.com — Cisco Umbrella Rank: 412	5 KB
11	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622 ssum.casalemedia.com — Cisco Umbrella Rank: 1252	6 KB
11	openx.net 2 redirects oajs.openx.net — Cisco Umbrella Rank: 1736 google-bidout-d.openx.net — Cisco Umbrella Rank: 1735 us-u.openx.net — Cisco Umbrella Rank: 524 rtb.openx.net — Cisco Umbrella Rank: 625	2 KB
11	criteo.com 3 redirects gum.criteo.com — Cisco Umbrella Rank: 423 bidder.criteo.com — Cisco Umbrella Rank: 679 mug.criteo.com — Cisco Umbrella Rank: 3123 dis.criteo.com — Cisco Umbrella Rank: 608	17 KB
8	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 253 secure.adnxs.com — Cisco Umbrella Rank: 490	9 KB
8	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 459 ads.pubmatic.com — Cisco Umbrella Rank: 535 image6.pubmatic.com — Cisco Umbrella Rank: 805	18 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 747 w.clarity.ms — Cisco Umbrella Rank: 7494 c.clarity.ms — Cisco Umbrella Rank: 1351	28 KB
7	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 520 pixel.rubiconproject.com — Cisco Umbrella Rank: 381 eus.rubiconproject.com — Cisco Umbrella Rank: 579 token.rubiconproject.com — Cisco Umbrella Rank: 477	14 KB
7	adform.net 4 redirects adx.adform.net — Cisco Umbrella Rank: 4252 cm.adform.net — Cisco Umbrella Rank: 1147 c1.adform.net — Cisco Umbrella Rank: 583	3 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
6	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	2 KB
6	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1533 ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1724 ssbsync.smartadserver.com — Cisco Umbrella Rank: 742	2 KB
6	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 314 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 591 aax.amazon-adsystem.com — Cisco Umbrella Rank: 395	79 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	325 KB
5	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 11840 user-sync.adxpremium.services — Cisco Umbrella Rank: 15846	6 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	70 KB
5	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 857 id5-sync.com — Cisco Umbrella Rank: 425	58 KB
4	vidoomy.com vid.vidoomy.com — Cisco Umbrella Rank: 2086 vpaid.vidoomy.com — Cisco Umbrella Rank: 3136 a.vidoomy.com — Cisco Umbrella Rank: 2730	20 KB
4	microsoft.com analyticspixel.microsoft.com — Cisco Umbrella Rank: 7310	1 KB
4	setupad.com node.setupad.com — Cisco Umbrella Rank: 49582	961 B
4	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1381 ad.turn.com — Cisco Umbrella Rank: 843 r.turn.com — Cisco Umbrella Rank: 4167	2 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1157	106 KB
4	4dex.io script.4dex.io — Cisco Umbrella Rank: 1603 mp.4dex.io — Cisco Umbrella Rank: 2539	26 KB
4	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1005 bcp.crwdcntrl.net — Cisco Umbrella Rank: 898	24 KB
4	yahoo.com 1 redirects connectid.analytics.yahoo.com — Cisco Umbrella Rank: 4267 ups.analytics.yahoo.com — Cisco Umbrella Rank: 358 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495	10 KB
3	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 671	1 KB
3	gonet-ads.com 2 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 39250	819 B
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 6258	956 B
3	gstatic.com www.gstatic.com	17 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 1664 a.ad.gt — Cisco Umbrella Rank: 1857	5 KB
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 740	592 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 657	73 KB
3	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2253 prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6599	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 707	588 B
2	yieldmo.com 2 redirects ads.yieldmo.com — Cisco Umbrella Rank: 651	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 874 s.tribalfusion.com — Cisco Umbrella Rank: 2405	1 KB
2	loopme.me 2 redirects csync.loopme.me — Cisco Umbrella Rank: 897	819 B
2	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 41849	2 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	291 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	155 KB
2	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 40785 Failed	132 KB
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 722	187 B
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 7787	44 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 662	238 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 856	715 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 1217	671 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1552	584 B
1	avads.net ads.avads.net — Cisco Umbrella Rank: 34243	80 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 730	1 KB
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	465 B
1	ck-ie.com as.ck-ie.com — Cisco Umbrella Rank: 9431	114 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1236	878 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2579	552 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 53518	609 B
1	adxbid.info adxbid.info — Cisco Umbrella Rank: 14253	3 KB
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 976	401 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 247	761 B
1	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2790	464 B
1	metadsp.co.uk 1 redirects u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 5692	239 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 349	649 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 357	149 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1798	10 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 914	277 B
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1299	6 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2948	3 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1833	8 KB
0	chocolateplatform.com Failed cs.chocolateplatform.com Failed
476	75

	Domain	Requested by
50	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com randomgenerate.io tagan.adlightning.com
49	randomgenerate.io	randomgenerate.io tagan.adlightning.com
43	cm.g.doubleclick.net	19 redirects eb2.3lift.com googleads.g.doubleclick.net 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
42	dco-assets.everestads.net	tagan.adlightning.com dco-assets.everestads.net
26	dt.adsafeprotected.com	7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
24	tpc.googlesyndication.com	tagan.adlightning.com 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
13	tagan.adlightning.com	stpd.cloud tagan.adlightning.com 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
12	ads.everesttech.net	tagan.adlightning.com dco-assets.everestads.net
10	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com tagan.adlightning.com
10	eb2.3lift.com	3 redirects stpd.cloud eb2.3lift.com adxbid.info
8	googleads4.g.doubleclick.net	tagan.adlightning.com
8	fw.adsafeprotected.com	4 redirects 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
7	ib.adnxs.com	4 redirects eb2.3lift.com googleads.g.doubleclick.net
6	www.google.com	1 redirects 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com tagan.adlightning.com
6	7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net tagan.adlightning.com
6	x.bidswitch.net	2 redirects eb2.3lift.com 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
6	gum.criteo.com	2 redirects stpd.cloud static.criteo.net tagan.adlightning.com
5	www.googletagservices.com	7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
5	cdn.jsdelivr.net	securepubads.g.doubleclick.net stpd.cloud dco-assets.everestads.net
5	securepubads.g.doubleclick.net	randomgenerate.io securepubads.g.doubleclick.net
4	analyticspixel.microsoft.com
4	node.setupad.com	stpd.cloud
4	rtb.openx.net	1 redirects 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
4	static.adsafeprotected.com	tagan.adlightning.com
4	bid.g.doubleclick.net	7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
4	us-u.openx.net	googleads.g.doubleclick.net
4	secure.cdn.fastclick.net	tagan.adlightning.com secure.cdn.fastclick.net
4	w.clarity.ms	www.clarity.ms
4	prg.smartadserver.com	stpd.cloud
3	user-sync.adxpremium.services	adxbid.info
3	ap.lijit.com	3 redirects
3	sync.gonet-ads.com	2 redirects 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
3	an.yandex.ru	2 redirects
3	www.gstatic.com	7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
3	image6.pubmatic.com	ads.pubmatic.com 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
3	ads.pubmatic.com	stpd.cloud adxbid.info
3	cm.adform.net	2 redirects
3	prebid.a-mo.net	stpd.cloud
3	id5-sync.com	stpd.cloud cdn.id5-sync.com
3	c.amazon-adsystem.com	stpd.cloud c.amazon-adsystem.com
3	static.criteo.net	securepubads.g.doubleclick.net stpd.cloud static.criteo.net
3	fonts.googleapis.com	randomgenerate.io 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
2	a.vidoomy.com
2	onetag-sys.com	1 redirects
2	ads.yieldmo.com	2 redirects
2	c1.adform.net	2 redirects
2	eus.rubiconproject.com	stpd.cloud eus.rubiconproject.com
2	csync.loopme.me	2 redirects
2	d.turn.com	googleads.g.doubleclick.net
2	c.clarity.ms	1 redirects
2	pixel.rubiconproject.com	adxbid.info
2	id.hadron.ad.gt	cdn.hadronid.net
2	pr-bh.ybp.yahoo.com	1 redirects eb2.3lift.com
2	aax.amazon-adsystem.com	c.amazon-adsystem.com
2	mug.criteo.com
2	oajs.openx.net	1 redirects
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	mp.4dex.io	stpd.cloud
2	hbopenbid.pubmatic.com	stpd.cloud
2	fastlane.rubiconproject.com	stpd.cloud
2	rtb.adxpremium.services	stpd.cloud
2	tlx.3lift.com	stpd.cloud
2	adx.adform.net	stpd.cloud
2	prebid-eu.creativecdn.com	stpd.cloud
2	bidder.criteo.com	stpd.cloud
2	prebid-stag.setupad.net	stpd.cloud
2	script.4dex.io	stpd.cloud script.4dex.io
2	tags.crwdcntrl.net	securepubads.g.doubleclick.net tagan.adlightning.com
2	cdn.id5-sync.com	securepubads.g.doubleclick.net tagan.adlightning.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.clarity.ms	randomgenerate.io www.clarity.ms
2	www.googletagmanager.com	randomgenerate.io www.googletagmanager.com
2	stpd.cloud	randomgenerate.io
1	pixel-sync.sitescout.com
1	vpaid.vidoomy.com	vid.vidoomy.com
1	ssum.casalemedia.com	1 redirects
1	vid.vidoomy.com	adxbid.info
1	cc.adingo.jp	7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
1	s.ad.smaato.net	7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
1	um.simpli.fi	1 redirects
1	t.adx.opera.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	ads.avads.net	7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
1	sync.srv.stackadapt.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	cms.quantserve.com	7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
1	as.ck-ie.com	adxbid.info
1	cs.media.net	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	adxbid.info	stpd.cloud
1	secure.adnxs.com	1 redirects
1	ssbsync.smartadserver.com	7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
1	sync.go.sonobi.com	7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
1	r.turn.com
1	ad.turn.com	1 redirects
1	c.bing.com	1 redirects
1	a.ad.gt	tagan.adlightning.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	google-bidout-d.openx.net	tagan.adlightning.com
1	dis.criteo.com	1 redirects
1	u.ipw.metadsp.co.uk	1 redirects
1	px.ads.linkedin.com	eb2.3lift.com
1	match.adsrvr.org	eb2.3lift.com
1	cdn.hadronid.net	randomgenerate.io
1	config.aps.amazon-adsystem.com	tagan.adlightning.com
1	ssbsync-global.smartadserver.com
1	lb.eu-1-id5-sync.com	stpd.cloud
1	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
0	cs.chocolateplatform.com Failed	7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
476	119

This site contains links to these domains. Also see Links.

Domain
name-generator.io
usernamegenerator.io
www.facebook.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
randomgenerate.io E1	`2023-12-27` - `2024-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
stpd.cloud E1	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2024-01-22` - `2024-04-22`	3 months	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2024-01-09` - `2024-07-04`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-12-23` - `2024-03-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-07-08` - `2024-08-05`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.a-mo.net R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-26` - `2024-06-19`	6 months	crt.sh
*.eu-1-id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-01-10` - `2024-06-26`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
id.hadron.ad.gt E1	`2024-01-27` - `2024-04-26`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
a.ad.gt E1	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2023-12-07` - `2025-01-07`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.everesttech.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-03-08`	a year	crt.sh
adxbid.info E1	`2023-12-05` - `2024-03-04`	3 months	crt.sh
www.adobetag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-24` - `2024-08-23`	a year	crt.sh
ck-ie.com Go Daddy Secure Certificate Authority - G2	`2023-11-12` - `2024-12-13`	a year	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.avads.net Go Daddy Secure Certificate Authority - G2	`2024-01-15` - `2025-02-15`	a year	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.adingo.jp Amazon RSA 2048 M03	`2023-09-13` - `2024-10-12`	a year	crt.sh
node.setupad.com R3	`2023-12-24` - `2024-03-23`	3 months	crt.sh
analyticspixel.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-11-01` - `2024-04-29`	6 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-10-06`	a year	crt.sh
*.sitescout.com GeoTrust TLS RSA CA G1	`2024-01-15` - `2025-02-01`	a year	crt.sh

This page contains 49 frames:

Primary Page: https://randomgenerate.io/cpf-generator
Frame ID: 05E22679D1FA9711541DAEF27E924DFE
Requests: 163 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=randomgenerate.io
Frame ID: DF4F0144BEB2C5537A0A72C2EA52A918
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: ECC5783CA7D56385512CD1CEA6FD2415
Requests: 11 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 84BBC149423F95A6E8A7400E36FF27A3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 0247D522E78647A6E773EED98E22F2CC
Requests: 2 HTTP requests in this frame

Frame: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D005A7581D5C12308E4785BA8990831B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=randomgenerate.io
Frame ID: F19372907BEE4AF38D2DEBB769691394
Requests: 2 HTTP requests in this frame

Frame: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D81BE831859EFADB52D8B989B63012D7
Requests: 30 HTTP requests in this frame

Frame: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CEA6D8B376E78D14487443256E97E99C
Requests: 29 HTTP requests in this frame

Frame: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6774A9CF9AA0D301D7694DA405A7FFCE
Requests: 31 HTTP requests in this frame

Frame: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 614E367D6E5FA5A7D43D5CBD53D64BC7
Requests: 31 HTTP requests in this frame

Frame: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6EAC2D935041017A303B487B9036E343
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6F96B31ABB85AD3CB47F0D3383238623
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 26CA752FF4F4EA6BFE1EE3035AF34FF6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNV1TMzhAr_SyD3tJjsCcm6gavn_Qne8HpBmK4MVsXxp3TdcNiviDsuwax4cmKc8aw9AC_05Dy5NQPo_WVr-h5uZYZjK5D_x97wq24KeFoQvjR9XgCK5cLouH3fYFvWmL7GDQRurxMLkja-scHkO2mtT6Aidl7EF_iAbugLidfPTPr36zgeLpBYMxk5KqbuUyFbtYNnVYu4-9o-ZiFJ2wcnpmYzxEA
Frame ID: EADE399CF1249B4B7D8D4A02F606CA25
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNVvEs7N1us4npJPwEDwmGg9CuQJ6HNXptsRgsMTJJZuGhs2IppLdbACUCEf92ODEefuJ1fiP7SZLYlsH2VIz70OifSmF8mem-T3ZVr6lhYgrX8lzV4R2uoygL5AQ6OjPmEIWm3kiOFS14t1s6b8NnxqsQIBhBKYoWh4vnqRHXbZC_MNgyxHioQ70FvHb733NIGgzXRa2XaGnPLdwNqUH9HsAGkhKw
Frame ID: 1B75E79CCFED33E904F2F0FAF13CD96E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNU_CVgwTBwM7FKE8sTdfhyVZ3Goku9Kym83Im_tQDUemDF9Wvw-hxNZ1B8ZlsMAmjwPGKhadZXQpAiWUJwa-AE0Fl_TvbBD8KyDIEmiL_lNakr9C64P0dWp-vYnjBMVQgfAhlzEpgB9mhOp4762swo0C-klPqpRXvouRbDvQA3_0Nx8JhLUPZEfNN3gjsRgSTTCAqWS9FB_sJoUNiXw71I28r3Evg
Frame ID: 3FDB62CEF0CBD0FA6272311C62E12331
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7d6o7gEwAQ&v=APEucNVh56P7O8fj5NefBrxDvSsj1ozwWlfC-OJzzv8dWNcsw2VaXQp91xpIgmLLTAPhdd24ubWOlkFgWwQkGNHxkze7T0YivD8m2ecdc6N0ljb8TjpfyGbiQg8Naq--OJvw1CD7rYCh0bBlOMOksQaYL3WJETRqGsBiffJzuC8dzrWwrnbU6CNf1CRr_yfnG9qwxs_Pn8n8Lz6WgsJn_q7wA2jjeGy5lg
Frame ID: 4A718C6CFCF3280246574BF430ABAD56
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: C99F30270BA3E678076A834270E21A5A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1629B958CCBBCE22136A2A3321C04DDF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 83F17682088F0AC545A65069784FD345
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 42F4828565E8C666778A31F776DC8534
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 3F286ECC7ABACB7BF543525908F136E4
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2741B33785C7854C8063FD26370CC660
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 9588E122876309D247E60BF83692A31D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 40B614223180FD2D222083C94241AA9E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DC362967B7D1D3D5C4574BF0C7BF737B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E8055AA19AAF7B4760B09D63B14337DD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 18F9A97D2E6A9279CB2CC37B4A0BFF01
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 33AA43EFB34DCAC05226BCA959A87DD3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Frame ID: 2A3E5956EB4A627AACCD1397CCB401E1
Requests: 2 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: B2D2EC68EB4C53D65202F42F7EC483C7
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D8CA5D02965A030413AD563DFB0B03D4
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 8CF07C5531197550C282FE3764F7DF67
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 78D5B8F7F7092239F932CBA72671AD91
Requests: 1 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAADygeplFZ
Frame ID: 3D9F8438C9096A82AC564008EDB1902A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 704C05B73FFED926A62A842D2A33CA80
Requests: 9 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAAN_hZ3lDB
Frame ID: C3FE8354015B57952B9351B6BDE5F465
Requests: 2 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAAL4zSeCsT
Frame ID: 3A11B6AAB439497FBBC0AF88BA4CE83C
Requests: 2 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAANlvOekSq
Frame ID: D6C27C38EDCD59C28C71E1ECC9204FD6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F2355420F2C950EF2847CA8047C44AC3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 441C9CB3B0E78AB976ABC20C4125F8A8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3169745BFBFE956520A3BFE86DEA867F
Requests: 9 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Frame ID: 080B15369753AD804E2BD8C2BE53DF5B
Requests: 12 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/160x600.html
Frame ID: D7CCB381C1211CBDCC7E54DE345394C1
Requests: 9 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Frame ID: 85BCEC50EDB3284BD8D3BA35AC2288EF
Requests: 12 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Frame ID: 00DA404156EC169B39BA7EB48CF4D64F
Requests: 12 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Frame ID: C91C4F114743E2D44F412E9F8D0F6D51
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 7C843F1A663A79472D9759DA0E011F4E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🇧🇷 CPF Generator

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

476
Requests

85 %
HTTPS

39 %
IPv6

75
Domains

119
Subdomains

96
IPs

15
Countries

4199 kB
Transfer

10497 kB
Size

78
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://name-generator.io/
Title: Name Generator

Search URL Search Domain Scan URL

URL: https://usernamegenerator.io/
Title: Username Generator

Search URL Search Domain Scan URL

URL: https://www.facebook.com/profile.php?id=100092072413022

Search URL Search Domain Scan URL

URL: https://twitter.com/irandomgenerate

Search URL Search Domain Scan URL

URL: https://www.instagram.com/randomgenerate.io/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://oajs.openx.net/esp?url=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&rid=esp&cc=1

Request Chain 78

https://gum.criteo.com/sid/json?origin=publishertagids&domain=randomgenerate.io&sn=ChromeSyncframe&so=0&topUrl=randomgenerate.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=EX94WXxRWUhvOVIwYnVBSWZUanEwajdxSXJjNzVFWlhBcWttNGlPY01sN21YQXJDU0dubGUxZGszc2xpeTdCbmVEVzhSakdxbnk4VnRNZkkvbnJ3MTV1OXVYWXNmckJ6RC9HaTRDSjRXajhqV2RSaTR6cUdvMmxGUTZMUG5KaU82dGhIMW1IQmVodENJQnlGVzdyUjlVcDRpTjhLMTBPYzNscGx0ZDh5YTFhb2d3U09NWUFPWk4zRHFCWGphelZLRWFvTWZNWkdrRXZmNFdQT2lSaDlxNFpDVEg0RlcveGdxMVQ5UThLZjI5SVkwbmdJdzVGVTJxUHo1dW1VRmo0bGpWZGpDUzFQMktSem5JeXdDKzdjaGVhTE0xNGRwMEJLVHVkS3VpRTNCWG5HRHRMZz18&cppv=2

Request Chain 79

https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1

Request Chain 95

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYzNTM5NjE4MTUzNzQzNzY1Njg1NA%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYzNTM5NjE4MTUzNzQzNzY1Njg1NA%3D%3D&google_tc= HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECJEhItx01wSGaIF46yhDAM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 97

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYzNTM5NjE4MTUzNzQzNzY1Njg1NA%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYzNTM5NjE4MTUzNzQzNzY1Njg1NA%3D%3D&google_tc=

Request Chain 100

https://x.bidswitch.net/sync?ssp=triplelift&user_id=4635396181537437656854&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=4635396181537437656854&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=7962955e-529f-421e-ba29-aa08cdd7ca99&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=7962955e-529f-421e-ba29-aa08cdd7ca99

Request Chain 101

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
https://eb2.3lift.com/xuid?mid=2711&xuid=eccc3cb4-1ddc-4820-a8dd-231964338a64&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}

Request Chain 102

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=8889471911930454369&dongle=4d58&gdpr=0&gdpr_consent=

Request Chain 167

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=0ECB0300BBFB446C94340B7A34CA5629&RedC=c.clarity.ms&MXFR=0C3E4AC6264765411A285ED322476B95 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0ECB0300BBFB446C94340B7A34CA5629&MUID=01CC57B320ED629032EE43A621666371

Request Chain 172

https://gum.criteo.com/sid/json?origin=publishertag&domain=randomgenerate.io&sn=ChromeSyncframe&so=3&topUrl=randomgenerate.io&bundle=pLJurV82anVVT3pTTDFlSUFxVk1MUTdnJTJGc3JMU25OTlpyNGllS3J6R2R0VzZsdG9SSGIyQ2dBRWVvZ2hyOTQlMkJVNEt1OWpRanclMkZuWWlyJTJCVlNzZnJ1djQlMkJ5RENtZ2w0S1lSWkVOaTdWMGI0MWRkaUlrSnIzbmlJM3ZRZ1N0bFpwTVBGc1JtNWs3V2pnR2RQY1ppWlRUOXJqZ1JlRVpOc29BaWN5Y1FyMWtiUTZlQk9FJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=5lkFTHx0c1dsZVdPVG52akFoVWNmZk11ejZQSHlCcXVPTk1oczhSaEw0WkxqMjR2RWhJM3czcWl1SkFGYnpldDRNRlgyb1k1QVJncHk2dkFRakhpaWh2UnFmSnk2TXk2QXgzczJUNXJTT1RQdHpKdEg3dHdIc1owbzdQcHZpS0tRQ0pjTU1ReC9rd0lHU2x6Wm9TNGU2QnlnWHluUnVtcE5TYVJOVFpmRFBvaVdHNExtdjc4L1FyeTZxYzQwUm56SVcwSFQ5SEs5Q3A5VEFRbmxBakZJKzB0MXlyUWlyWUU4MVQ3dWtyQkFOSmUzV0ZQT1JIT0U1UHVDaE9SYkNOaXFwTTZoRHpPSURIRnE2UzZFd0JjWkdnVXJLY3FEU2NqUktMR0czRjJ6ME9nalFDWT18&cppv=2

Request Chain 225

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESECdpfjlAMAIOHzovsp6SR4Q&google_cver=1

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1&C=1

Request Chain 227

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbfgtSybyfxkNErkAKZKfwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1

Request Chain 229

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESECdpfjlAMAIOHzovsp6SR4Q&google_cver=1

Request Chain 230

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1&C=1

Request Chain 231

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbfgtSybyfxkNErkAKZKfwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1

Request Chain 258

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAdo34kGaTjV4aCKJOcy7aw&google_cver=1

Request Chain 259

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTQ3MTkxMTkzMDQ1NDM2OQ%3D%3D

Request Chain 260

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKmtDL3blJQ7_dW6ho-4N0c&google_cver=1

Request Chain 262

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAdo34kGaTjV4aCKJOcy7aw&google_cver=1

Request Chain 263

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTQ3MTkxMTkzMDQ1NDM2OQ%3D%3D

Request Chain 264

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKmtDL3blJQ7_dW6ho-4N0c&google_cver=1

Request Chain 268

https://fw.adsafeprotected.com/rfw/bgd/1525518/72172425/xbbe/creative/adj?p=APEucNXE1pRH3d4z9SQfyt3Tualq7ton8E3368i9psL07nZ-FVH_EtQ&d=CpkBAKAmf-CKqo9LYHemr-BHjPAvlWnmA_IkMH8Zgwms2n58U78QOIzCtCcFtCJozwQ7bWck3HnZVT7YRsOyGKiP86yxuFy0Re6Leh66UCfe17JeFar7yB02R88vBloSG7ZnSyckij2mvpQWTKGXldjw87JBg3kcs12vypj3ZDoTpXi_AZWgezdRcp4MZOf0ABfMm5zY-6ibokg3EtkUAKAmf-AGNPKqnJ6SmXrVRUmkEUFKsdV7ypJOlr7q93Ic6jCxLS3ZB5WyVsTIYWYoX1mOzcxdUXTSftH3gMO3mGg52BbTnkQH7QfP3MjTGu5B0KOQbe1jsLGsaIdXGBZa4BeP7ARWdzCWc-26RArjqcCGfB0WMA1mvuDEt5Ic2RBBzNAXOOlgLfJK4HKiPkbCHmlmL34F09Y_41itLjItBgi1lvudqCwDrL5tF7fKSyJUDdWhgOCoXF7K29sG65b_a6NHTL3FoAFG9iS3d-Bk0J4t2lUsHSJ-cyquXVD-ETf2hvz3VDPXeVWpyrYkC1cwxfobaxmvmmdtNUY6FLLk9VYgnIkNG_T4ku676mgVDLxHmy-tOJQcGYhORB_FWa9HvsrbwVuGlR3ZiGVn2y0bbVU1RMLsLlON8f7GFdAu3sMmnm_zYRMdMF9eOc-StrYhZ-E-KkvIrmlQTOyguAmA2CASFC1aIAn1k3amBG-Z2SUUwgVhBjby1VQe-eZJoQQddzVa4FQIElQ3pPhGcSw0L0RO0IMUcupCdEDdU0PZwQOmFnLXx7QItad7jXD4PV5dDpKbqxfNXgLN94FCq9zjucuM14l7dGVPxMxYyiTgmMg7Jo55Xv5LJioaH6X5uQPXQHBw-IZrTuqMcEplk3Ua-meyA2svNU0u-cF8BSG6grre-Hs_RqaOaFrtuGUUUi8gGQVg_32hZJoAyGxhEk8Hmrl0aD1y0niTtZY7JnjI59-GvguMMyEcTgMR3HInA7M96Snxbvadw6XwS2EphFzzbpuqYVthBpX9J8Kp3Hyx2eNFJ3lGzwuGrkzkzkQluKDfbIrKgzb1rGHvZGZ91StKdqfmn7Yj7eri-up12QtkClT1SfhZ_wpDF79DCuNleQcAD61T2djoLerbuTtyryWasNrT-tQCQXc9CgeC7Mlf_UUR4x5KpP-2zFONxtHVD-jO2W6-0JPdNPnCOf1nk2ubcp8VUzScZAIsLoFT6nTCiQZ9mFyNbJovSjg-F5QZeB_51_1YN9VT0w3cLm6af1ebV947X3HjAIBUxf49QiaYl9bcEm_-dZdkoev6A8u0W-qdH3Mw1zkIUWoltKi2a1p0IvDxmKGZX2ktcCYia2CIxUF22e4XKY1Axp83mrG6YsjSl-eCkJ-GuIHrXsYan757QXlmGqD8LvXDCjJfstNRboLa9ubGNs7DyRRHL2AUmaiHHtnyLemyaFnQqnrDunkKpoHJ6XgG-P7yK3IF8wshdvuetGmszs6TLCEEenPK6OKgNID0VX5fu3RGmSWpEg4DBkyXfXOTFIVt4mWMQoU6UkffuPlouS-969oCa5v1_gEhNBgLASR77DFboEmyGs79M1IUKznKTu9rCS3YUkgPrxTyMWYvK65giouRv3sRYiqZVhkB9-pGXg6sww8IwVyFrCgiy5wwb4kNNI7DXvaMTOh4F9kXHiIvtHgAfkK1L6pXoNp3v03Rctw6inErikh5s8sO4kgo34fdREHBGBJ9C8PFJq_awv6XFobQzRiU0yJtro751jOE6rvcwC38BjV4lLy4AnvD50Q9Ah0-Fpqg234MSgh0GfJMHf3tdQ4Y-rZIL-Hl2-nUBjKgguiLTNI_EMnPr69zso43wvKZBJH895SXpi5kEkelVsOdWLq0Sbz53EJ-kr2fzq9VBLON_cw7SinRYVi3G0yVtG3kdBylss7HF48YmWxGBUIX7ZSY7YURkLGLrnvoZpgZhUlWRQE4UFrEGTghsDL6QJBeAAQAzMZsgNEuRF5ZOF1SwywBNA1IHYeWHCsHLz110Dk2XvuoMNdmAhd1wTcOT3hl0t7xAi8Upia-BtH9sb5RHmOXad4kGrSogSmmmSN05Brb0oHdI5y045xdqujiz_rVAUPlGTknJEnIUj-xf6X9KXdc_XBA1P3tmKURZxdW5YJTaYcNZs3eib58a8aDA7fDTGmA6Tk18Fqm_ZITLg0GcGKhCXIuvC2aV2Yvjzj5C4BiFLXvvVvDxiNSGAje8GanmG-3dXvidkYyzTnSYHiDSQTZEVsfIBAHpVOSgpKefrZD_4hoW3OpDCmBWegyn9qdnsadoHRftEiYkv2uC6Dg1ejnfshokhm3TBJNs_MidWWW04kBhxWur7C96F-KdeSlCUXOZHzUgZ8FYvV3WBxJbxSmy9QlVwIhNzLq4vifUCguMGAYTcltR46yCbUfJMAXNCDPOC_UN3G329za8vTwHD51z7cpLS1QrUv5VcSNXTdCIRUrvEIGQRcT3Y_p8HVW7dNN86oePoEhoHcdaOHxTIwJh60XzqJ8XwAtdfJfZur2nq3s_mA3VNQ2BKwzhY3c8z_Eo2uTU3LfYp_FEWcGokEECNBnOsAibpT549qhWeFh7BzhrzByw4rK5Wt88J7Tki66XGN7cnfjI038wWC_DUw-snlK_ycDwIsQNp9ebXlj4HhJ3-o4hVFzx92zG7kbnsQHLyILE8lmnVcT6Acm-6CHMGh0uZ75WILb8BM0YiApWLLSTI3dIrC31a9IPZUYUEWyQBfvhjRLxNBQ1GW3wpSA5FdNC0BRMmeKa8xWBJ0PGIImQdhi2z92GZ8xMplzZ3WGEecg5CpMjUQ3--vhuLGpxDDyg9QCF1u5OFfJAlL9HbE-znMwPb8Dn1iu3ErWwGhy-XLhV3yfw94tExF10KWRjNOK8T8q9xuNEvSQm-Cb70QgSsTogEhc3hHw5J2IB_BJqXTbIpiU62GuXvPCULc6QgoGzp9u0y7fmVXVjh3Mw97L8sHeCskdn_LaMNQpm2M1pvxYMu4k66R7NGP2acGqMlksVo1tU8I6nZKZYrTXb91v1AXBfiZLU-F7MHkdIvZFy2IakEn1guhqFO56768MQsZqMY4YNEFuebarNOscAP92E3NU-yGbZAbPM2S_M1cBelC-hletLSFBipJlmBs-vWz_nURV-vZ3gsRGk9dNuREPtew7fH8_PNDMvlb_kkP-QoQPO2hd18qOM1g5FKz6q-bjQrXaslHNWmdDWthJbZWyf9i6tM5Kw51rLc1ZyhE7r4SnoD3jLFdGZucWVttHaYcMf0LqlN9AxZVFTW5KLgl_GTz0yH400H99u-xJSI05l2sjPl0p-dG4ZBQAjvXyZ6ngX3nqbDB3FqfAwEvW7VkymPFws1fdd58m5307jtRdZ3XINa_iawLd8thMOzCbX1TGGMB615_z7867LGhJEeqELkh0uYXjKS6xs-CGfanTJtU-IpBRCvxS1Pm-5EtpvoB8DG4QAnGBGKaHkMrrpAbPoMo7OLP9s2YcCGs_kcgW2xFslQ_fu_XZ4rW4vQ-yG22mBh5edd4v4z3s9MM4hr6CnShl3Ym1RSpqlS-BQnKW73Xr6pEks599wLM0FCCNV-HG6iwpFbtxeVIepNxAU9FK4PlnEvzaUYdGIzwADlh-vOvt6Y8njRe9LLl9uJOlo0SR5qalt4LUl0kohrVCXy7y2SkL2I_Usk-yh6kwz1o5RaPfugu17kFgxxrwJG_x-VPBCvgI09ms2aEsGkEIBBI7AC8eF_8pD15tBhiZNJO0VgxiK9huh_nGwwgosNtDb_JBf91tJwlbKUK-GoRCDPc3LbXol_OCk1TKznYYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=20259181566&bidurl=https://randomgenerate.io/cpf-generator&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ioPmDR8RWXgHo1ySzGRWxr&adsafe_url=https%3A%2F%2Frandomgenerate.io&adsafe_type=y&adsafe_url=https%3A%2F%2Frandomgenerate.io%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6c71c6ca-22c3-7789-a301-ec12c395d789,c:2IehW4,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74b57f8799-xg65r,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C191%7C1a*.1525518-72172425%7C1a1%7C1b11%7C1b12%7C1c%7C1d,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:14,oid:18b1b893-becc-11ee-aa07-e6a1e1ce5383,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXE1pRH3d4z9SQfyt3Tualq7ton8E3368i9psL07nZ-FVH_EtQ&d=CpkBAKAmf-CKqo9LYHemr-BHjPAvlWnmA_IkMH8Zgwms2n58U78QOIzCtCcFtCJozwQ7bWck3HnZVT7YRsOyGKiP86yxuFy0Re6Leh66UCfe17JeFar7yB02R88vBloSG7ZnSyckij2mvpQWTKGXldjw87JBg3kcs12vypj3ZDoTpXi_AZWgezdRcp4MZOf0ABfMm5zY-6ibokg3EtkUAKAmf-AGNPKqnJ6SmXrVRUmkEUFKsdV7ypJOlr7q93Ic6jCxLS3ZB5WyVsTIYWYoX1mOzcxdUXTSftH3gMO3mGg52BbTnkQH7QfP3MjTGu5B0KOQbe1jsLGsaIdXGBZa4BeP7ARWdzCWc-26RArjqcCGfB0WMA1mvuDEt5Ic2RBBzNAXOOlgLfJK4HKiPkbCHmlmL34F09Y_41itLjItBgi1lvudqCwDrL5tF7fKSyJUDdWhgOCoXF7K29sG65b_a6NHTL3FoAFG9iS3d-Bk0J4t2lUsHSJ-cyquXVD-ETf2hvz3VDPXeVWpyrYkC1cwxfobaxmvmmdtNUY6FLLk9VYgnIkNG_T4ku676mgVDLxHmy-tOJQcGYhORB_FWa9HvsrbwVuGlR3ZiGVn2y0bbVU1RMLsLlON8f7GFdAu3sMmnm_zYRMdMF9eOc-StrYhZ-E-KkvIrmlQTOyguAmA2CASFC1aIAn1k3amBG-Z2SUUwgVhBjby1VQe-eZJoQQddzVa4FQIElQ3pPhGcSw0L0RO0IMUcupCdEDdU0PZwQOmFnLXx7QItad7jXD4PV5dDpKbqxfNXgLN94FCq9zjucuM14l7dGVPxMxYyiTgmMg7Jo55Xv5LJioaH6X5uQPXQHBw-IZrTuqMcEplk3Ua-meyA2svNU0u-cF8BSG6grre-Hs_RqaOaFrtuGUUUi8gGQVg_32hZJoAyGxhEk8Hmrl0aD1y0niTtZY7JnjI59-GvguMMyEcTgMR3HInA7M96Snxbvadw6XwS2EphFzzbpuqYVthBpX9J8Kp3Hyx2eNFJ3lGzwuGrkzkzkQluKDfbIrKgzb1rGHvZGZ91StKdqfmn7Yj7eri-up12QtkClT1SfhZ_wpDF79DCuNleQcAD61T2djoLerbuTtyryWasNrT-tQCQXc9CgeC7Mlf_UUR4x5KpP-2zFONxtHVD-jO2W6-0JPdNPnCOf1nk2ubcp8VUzScZAIsLoFT6nTCiQZ9mFyNbJovSjg-F5QZeB_51_1YN9VT0w3cLm6af1ebV947X3HjAIBUxf49QiaYl9bcEm_-dZdkoev6A8u0W-qdH3Mw1zkIUWoltKi2a1p0IvDxmKGZX2ktcCYia2CIxUF22e4XKY1Axp83mrG6YsjSl-eCkJ-GuIHrXsYan757QXlmGqD8LvXDCjJfstNRboLa9ubGNs7DyRRHL2AUmaiHHtnyLemyaFnQqnrDunkKpoHJ6XgG-P7yK3IF8wshdvuetGmszs6TLCEEenPK6OKgNID0VX5fu3RGmSWpEg4DBkyXfXOTFIVt4mWMQoU6UkffuPlouS-969oCa5v1_gEhNBgLASR77DFboEmyGs79M1IUKznKTu9rCS3YUkgPrxTyMWYvK65giouRv3sRYiqZVhkB9-pGXg6sww8IwVyFrCgiy5wwb4kNNI7DXvaMTOh4F9kXHiIvtHgAfkK1L6pXoNp3v03Rctw6inErikh5s8sO4kgo34fdREHBGBJ9C8PFJq_awv6XFobQzRiU0yJtro751jOE6rvcwC38BjV4lLy4AnvD50Q9Ah0-Fpqg234MSgh0GfJMHf3tdQ4Y-rZIL-Hl2-nUBjKgguiLTNI_EMnPr69zso43wvKZBJH895SXpi5kEkelVsOdWLq0Sbz53EJ-kr2fzq9VBLON_cw7SinRYVi3G0yVtG3kdBylss7HF48YmWxGBUIX7ZSY7YURkLGLrnvoZpgZhUlWRQE4UFrEGTghsDL6QJBeAAQAzMZsgNEuRF5ZOF1SwywBNA1IHYeWHCsHLz110Dk2XvuoMNdmAhd1wTcOT3hl0t7xAi8Upia-BtH9sb5RHmOXad4kGrSogSmmmSN05Brb0oHdI5y045xdqujiz_rVAUPlGTknJEnIUj-xf6X9KXdc_XBA1P3tmKURZxdW5YJTaYcNZs3eib58a8aDA7fDTGmA6Tk18Fqm_ZITLg0GcGKhCXIuvC2aV2Yvjzj5C4BiFLXvvVvDxiNSGAje8GanmG-3dXvidkYyzTnSYHiDSQTZEVsfIBAHpVOSgpKefrZD_4hoW3OpDCmBWegyn9qdnsadoHRftEiYkv2uC6Dg1ejnfshokhm3TBJNs_MidWWW04kBhxWur7C96F-KdeSlCUXOZHzUgZ8FYvV3WBxJbxSmy9QlVwIhNzLq4vifUCguMGAYTcltR46yCbUfJMAXNCDPOC_UN3G329za8vTwHD51z7cpLS1QrUv5VcSNXTdCIRUrvEIGQRcT3Y_p8HVW7dNN86oePoEhoHcdaOHxTIwJh60XzqJ8XwAtdfJfZur2nq3s_mA3VNQ2BKwzhY3c8z_Eo2uTU3LfYp_FEWcGokEECNBnOsAibpT549qhWeFh7BzhrzByw4rK5Wt88J7Tki66XGN7cnfjI038wWC_DUw-snlK_ycDwIsQNp9ebXlj4HhJ3-o4hVFzx92zG7kbnsQHLyILE8lmnVcT6Acm-6CHMGh0uZ75WILb8BM0YiApWLLSTI3dIrC31a9IPZUYUEWyQBfvhjRLxNBQ1GW3wpSA5FdNC0BRMmeKa8xWBJ0PGIImQdhi2z92GZ8xMplzZ3WGEecg5CpMjUQ3--vhuLGpxDDyg9QCF1u5OFfJAlL9HbE-znMwPb8Dn1iu3ErWwGhy-XLhV3yfw94tExF10KWRjNOK8T8q9xuNEvSQm-Cb70QgSsTogEhc3hHw5J2IB_BJqXTbIpiU62GuXvPCULc6QgoGzp9u0y7fmVXVjh3Mw97L8sHeCskdn_LaMNQpm2M1pvxYMu4k66R7NGP2acGqMlksVo1tU8I6nZKZYrTXb91v1AXBfiZLU-F7MHkdIvZFy2IakEn1guhqFO56768MQsZqMY4YNEFuebarNOscAP92E3NU-yGbZAbPM2S_M1cBelC-hletLSFBipJlmBs-vWz_nURV-vZ3gsRGk9dNuREPtew7fH8_PNDMvlb_kkP-QoQPO2hd18qOM1g5FKz6q-bjQrXaslHNWmdDWthJbZWyf9i6tM5Kw51rLc1ZyhE7r4SnoD3jLFdGZucWVttHaYcMf0LqlN9AxZVFTW5KLgl_GTz0yH400H99u-xJSI05l2sjPl0p-dG4ZBQAjvXyZ6ngX3nqbDB3FqfAwEvW7VkymPFws1fdd58m5307jtRdZ3XINa_iawLd8thMOzCbX1TGGMB615_z7867LGhJEeqELkh0uYXjKS6xs-CGfanTJtU-IpBRCvxS1Pm-5EtpvoB8DG4QAnGBGKaHkMrrpAbPoMo7OLP9s2YcCGs_kcgW2xFslQ_fu_XZ4rW4vQ-yG22mBh5edd4v4z3s9MM4hr6CnShl3Ym1RSpqlS-BQnKW73Xr6pEks599wLM0FCCNV-HG6iwpFbtxeVIepNxAU9FK4PlnEvzaUYdGIzwADlh-vOvt6Y8njRe9LLl9uJOlo0SR5qalt4LUl0kohrVCXy7y2SkL2I_Usk-yh6kwz1o5RaPfugu17kFgxxrwJG_x-VPBCvgI09ms2aEsGkEIBBI7AC8eF_8pD15tBhiZNJO0VgxiK9huh_nGwwgosNtDb_JBf91tJwlbKUK-GoRCDPc3LbXol_OCk1TKznYYAWAB&cry=1

Request Chain 271

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDna9TVjniRrnoXpY6Y5Jeg&google_cver=1&google_push=AXcoOmSyf3_lwmrnM2xu9Ebj6yDYri0d6ciqkwF8lTdWAg5jL_o_IiishMVMnvXkbCLrj-j7N8ir128Dx96x-4y0hbmXqOVQvfk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzMwNzc5Njk2Njg3MzY1NDI2MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDna9TVjniRrnoXpY6Y5Jeg&google_cver=1

Request Chain 276

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKJtHfrVKDdwf2da3SGI0ks&google_cver=1&google_push=AXcoOmQikOpNiQ9iyJeY260M2XLlkoopB0wPaiyUMf5XvwemIBQ1uFoNsSOwRV_4qE055eKt2iWd94-o-6dY_3vRUAPyvU-WU8Tn HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODg4OTQ3MTkxMTkzMDQ1NDM2OQ%3D%3D&google_gid=CAESEKJtHfrVKDdwf2da3SGI0ks&google_cver=1&google_push=AXcoOmQikOpNiQ9iyJeY260M2XLlkoopB0wPaiyUMf5XvwemIBQ1uFoNsSOwRV_4qE055eKt2iWd94-o-6dY_3vRUAPyvU-WU8Tn

Request Chain 277

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEKxHoh2i4KsuTTwdEq064nk&google_cver=1&google_push=AXcoOmT1K0_u-48T3T3pfvOFemKGpMqRsNp_6xVBCQ5v6MAYfKJE3dwYrZ1IhxQHfGR71vNrQhyh9B0nYZ398CgHO7aTFGI5x_dezg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=394b6b2a-44a1-48f2-9c45-590959337794&google_cver=1&google_gid=CAESEKxHoh2i4KsuTTwdEq064nk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT1K0_u-48T3T3pfvOFemKGpMqRsNp_6xVBCQ5v6MAYfKJE3dwYrZ1IhxQHfGR71vNrQhyh9B0nYZ398CgHO7aTFGI5x_dezg&gdpr=${GDPR}

Request Chain 279

https://fw.adsafeprotected.com/rfw/bgd/1525518/72172419/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-Au_pS2S7MBI0Kp_EeXTAsumq8GFitrGRKJY2NJKIlpaYfH4C301xT1GbDVqjvGiBlow_m5QmN3lzcK84afd_5UBIMT9hjelfG2jdz71IHCUnRMBQcAMXrmryoyNDhzgV6wMyiZdXLwiUTtyiG0S0NmDITeXXR6IhgAK4L-O1s65nN_KlTJ56EvkhJFh3sjgKRECeweEskUAKAmf-BOWPPBk_LSgKJLoYCFM3f4nOGV8elU_-9Eo3HJWugPaFd_CCdtUYnhI5wyCDZvPzQJ4oy6HKyJJhlDKQfFnBL1GQhEohM5fvI3V1OtHDt7jrWo4YdON1zoasqRYwlEVAx6x4XeWrZtO5cSqdpP6gnrmRCIjg_cfPnYRF5cB1r5_BJ9UoZbLk6m_dpiXQLjHndhgGHOgPIZ_HFBIhi4xvMUjHjmw9_LCJLPBaOlvOcKQq2Ka0ooRG36oXHKuHH26iaOUFvIM0E9UPtjw3UllflSshMeZtQ6Sl7NjgnEpSewqHWCCZK29vVp8iLx_BGmnFK3XQRORoV29luCwsTNgvz8dhWBmB4YB3_3BODsttnuk9VgVtNopyk7VDJVYdncsTn4SF-eCZATtQl_uhvu_JefqdfYEfWWWY5KZL8yVZA_mwLYeJewao7rqa5iixXR0WvZslcvfF6qDz3LZLQmpwMPWl0Lbc00CL3Ut4laD-iAykd20ix20kVbHNc3UYmqjC_yVuO0CQMIWpk-SjpLbaaa7_B_HbtlMjVwK8zeHx7nUVKFtgopJw8K8jbZWPJq7bcpL2ZBn-GJ_4mdFTQUEFfwZXPoZmQzbndmthuxj2p1vwnJOxpC8WkVf6w5y5f9iYnkStbNH-EYkDOJZ97KqTn38VOxmWH1zkfWnjSbeiU1CnehnWe1vs5YYGmJxTRcBVSXtnnhdwdC8uUnlcnIQ27CSuxHUmhuMXe2ybuVdP83r2-wmEO0WFzaFBSF_EhtWFEw3JlE6MLrsJdFAIjOklw2D3bRHpaKRVfRMw4_fFcHSl6Lbm2e5mkWPJ3_Jwv82XTKb7G9IVSL6tgKhYNpE2ggJ9s5iZg1SAOQji2A7ffnemfDuTAzPqZiF97otEY7KvC4yo86Jt9oeV36qC3ptJOyUtI7Z9nLq30pyRH429WTYWnWxyW7iuT_ken9pl5p9bPwgyf6J3WX6SnGmbUlmKL8b3HnnY4VRHtG0Zuo5_RPxF5cUsFFl3iGrXnL5Z-ksXzn5cSOQEd04yQmySglS-2jzPgMizpW5xY30EuFiZyGubLE_CGEmE9zBa0n3gOvN7I_0F2XrJ9hg-dfa0uNPzIiggLhfh1kPktdAZXCzipjpz_LrabtRs3r6jmbJut1jbNBxgLAMk90zai2QyDbESBSr3tJTl6-aEzZdE9ZzLKqO3xjYyn27sFOKVMRijd9soXmnn1vFDNsF48isajA5lR05LEYb34y0rfejtuKs1egdIIkp-f2rbPVmeVF37mZuzihF2VoLoJknjOZo2A95SQaKOWfdSfjYmz0bmRdNN2f3m_DWJkopClq1_3kVKJVNTSnWz0LlgdoJVRDOXYeDSGzw5nRbG9-ZySiA1sHe5Mo78chaeUwxkiBK2Fz1Ak_2dOW-GR_U0Q2keor0AmMb15dG2gfXBdYGU0dWVDsEcCgp3Aj4hqzxH1j0z6XZlir0oqNonDLfzWycNuaXHcoQJDDQw_WNlgSiM8uxkgbrixPpb3HsGne7sWHkHZ_xisCNelJlxSkfm3R4sF9VfY7OeM9nTjxlXrQEdFPU8RDS_eRcaDvcuh0O4nSgmlktodMef7fb0uJQn-qng33vLp3NwSq8aihz4_byDO10wDEUXiYLhbi1LGpDZWJbG-aJljmA45Be8R0rujZJcmEPr_9msrNGBndnkvDsWjS8qhQE1fe0-tMz0seUOqNGg5_hRO8JuQPcz-zQDG53eVtyM0yDyHjBUkl8sIevZBRCQeGAeMTlaJxrf_eO6PWYyfbbvHWHrn2awqVOvFYEt28BkdlKxib0VSFQ4g_Fpude4NtNlMnyiUbfOGCMqvxRhREM-qtbbwJOZig_u11020BNmhLWvwPuh9pJMEmbJHsH6Wd0KLKU6I_QIH85mFYuWri86SC7fyOYhSB4CfISYp3v6x_TALwiv6pb62Sxvxwzpyvt5Fl9KuoORUVsE2wpCbkEUNEI7ZARrXFO70BgP6-cQtsnXlk6p1mTci23nEYKzWOY2ESFsQLRdHDmc-NcgTxPZR0cBx8owzG45REg70koMJe9m-C8blaPeRUNHZlbd3bCvV7hh-O9euq3SDvI0CWI1tnNyNKGo2PgsWW_PIKev2j2kHkix5OjAG3sSadZ5yHNO-OOaLC1rXZsKaxwPs3yYa157cDNr3AmL3lLOPw3pIS2hp8cZzLwx1MLs3J5T4aZCromuPlA9-LeMb2dqliDFLxzsVwoKLM9oAL48pH0cT6-71-LBCucrThfie5GuM8hRDv69TkwM0vFQ9fn5fVjyeuk1NQw1qORDEYy61-3WETqA9EcugzzApNwceraWNY8FU_RiTHh2mWJxXksrxwDIJTFm8RKLUQgEQKEFIAZngb0IMEHqqeYBjt4JDg79OjOIk1rxThy2ikP28PbhFnE5DYXbWvd6tT3nR5VO5gBWqScMPOYdOb3lsnsEXwoU7Ya-32cwq5nNtRb2OigrIhFUHfuvWzX5kHYlEO9OcfrBa-zACPXHMNSqABCi3AMdpxdrvnGoq3FLDvdjMCqxyhNUvTQok26_VP1xZZMsSefotnO760yXE_kjrRujNeTt8fGV-PRM8o2QXOSonKVX4kJVMOx-On1O5qh1K6TCib0FL6OnY2Tp5LNssNU-IPYLuWihzeUoT1SeczNlTf5QALFelWH17uRTd4Q46FiIlHu0zF9UD7dzBZM60OWixLpDX8RoWdJsnfnrl9Ls52cBnKYrmzQoCABcXjCYiRmZFSD_hR2wpkh-YJ_7m5wcG2tHCBT_y9ArCfdoBANOyZ0_ZdATiKjOEiOTjYuEWY1_0cYtzp_XtcItldaNns-eqcsMxb7whXvLhj0AyXMNJ2bkxCMgVOgHty-Zuto7WEhDI_P_jnKzdQX5rD0ma9FqPiaU4rZEOdJabT4UZjNP-eGelpP6_0brume23aPezv-_qWfvaW608N2ZfY8KZGiZD6STeMGd8yFBym5HDFOCoDf67E2VCRQHN-3PcJn4v44hUxLK6k4ZiBh5YHQ_MjlAmytiOm_N2EmFb_pqQSZ3HBeSlSnEtoNZXYg5nuh1R0Talu_BWrNKGuw9RfGAjdjhrUgN7upgNTk2YcaeGggTsRMUWeq-S9-waq8yg2E7MtUxpgl5ci-J5s_BFkdjHla4fTVkgZGsKDrg7oSJ0ZC0wAX9rBVPMKx3R8dGJQkS3KDWB4ly3RUBc9JlGxAZ2sQzAp9uoe0sdTshOpRwv60O8zCM4hc90l97xJppkDc-U3dKHrs9VIZHlYt7529nZIUgzeHNRTSFP-f_pv2jZdI1-YP2u65Z_yKxG0Nd_sJl90L5bCE75yfyQWuAEB6NJMeGi5qLo4uITpwaLEYttX7m-X5BSH40-mew4lF1CWrOrF2uRBQ382zuSeF0tHMup0gnVHS1XE6fCso4etzjY1orTHi2UdfKJnjimmuuwykmm_UUD9GHlUGgltDloSqriWgOkU_bHBs8jLuegZ8FEaQQgEEjsALx4X_ykPXm0GGJk0k7RWDGIr2G6H-cbDCCiw20Nv8kF_3W0nCVspQr4ahEIM9zctteiX84KTVMrOdhgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=20259181566&bidurl=https://randomgenerate.io/cpf-generator&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hsa905jyWxz5hmM7O_PndF&adsafe_url=https%3A%2F%2Frandomgenerate.io&adsafe_type=y&adsafe_url=https%3A%2F%2Frandomgenerate.io%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:14eabd31-13cc-6cae-4b79-a87652180509,c:2IehWY,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-df56d4bcf-qs69k,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:u2M3uCW+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18*.1525518-72172419%7C181%7C191%7C1a1%7C1a2%7C1b11%7C1b12%7C1c%7C1d,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:14,oid:18b93285-becc-11ee-bf33-fec595b85654,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-Au_pS2S7MBI0Kp_EeXTAsumq8GFitrGRKJY2NJKIlpaYfH4C301xT1GbDVqjvGiBlow_m5QmN3lzcK84afd_5UBIMT9hjelfG2jdz71IHCUnRMBQcAMXrmryoyNDhzgV6wMyiZdXLwiUTtyiG0S0NmDITeXXR6IhgAK4L-O1s65nN_KlTJ56EvkhJFh3sjgKRECeweEskUAKAmf-BOWPPBk_LSgKJLoYCFM3f4nOGV8elU_-9Eo3HJWugPaFd_CCdtUYnhI5wyCDZvPzQJ4oy6HKyJJhlDKQfFnBL1GQhEohM5fvI3V1OtHDt7jrWo4YdON1zoasqRYwlEVAx6x4XeWrZtO5cSqdpP6gnrmRCIjg_cfPnYRF5cB1r5_BJ9UoZbLk6m_dpiXQLjHndhgGHOgPIZ_HFBIhi4xvMUjHjmw9_LCJLPBaOlvOcKQq2Ka0ooRG36oXHKuHH26iaOUFvIM0E9UPtjw3UllflSshMeZtQ6Sl7NjgnEpSewqHWCCZK29vVp8iLx_BGmnFK3XQRORoV29luCwsTNgvz8dhWBmB4YB3_3BODsttnuk9VgVtNopyk7VDJVYdncsTn4SF-eCZATtQl_uhvu_JefqdfYEfWWWY5KZL8yVZA_mwLYeJewao7rqa5iixXR0WvZslcvfF6qDz3LZLQmpwMPWl0Lbc00CL3Ut4laD-iAykd20ix20kVbHNc3UYmqjC_yVuO0CQMIWpk-SjpLbaaa7_B_HbtlMjVwK8zeHx7nUVKFtgopJw8K8jbZWPJq7bcpL2ZBn-GJ_4mdFTQUEFfwZXPoZmQzbndmthuxj2p1vwnJOxpC8WkVf6w5y5f9iYnkStbNH-EYkDOJZ97KqTn38VOxmWH1zkfWnjSbeiU1CnehnWe1vs5YYGmJxTRcBVSXtnnhdwdC8uUnlcnIQ27CSuxHUmhuMXe2ybuVdP83r2-wmEO0WFzaFBSF_EhtWFEw3JlE6MLrsJdFAIjOklw2D3bRHpaKRVfRMw4_fFcHSl6Lbm2e5mkWPJ3_Jwv82XTKb7G9IVSL6tgKhYNpE2ggJ9s5iZg1SAOQji2A7ffnemfDuTAzPqZiF97otEY7KvC4yo86Jt9oeV36qC3ptJOyUtI7Z9nLq30pyRH429WTYWnWxyW7iuT_ken9pl5p9bPwgyf6J3WX6SnGmbUlmKL8b3HnnY4VRHtG0Zuo5_RPxF5cUsFFl3iGrXnL5Z-ksXzn5cSOQEd04yQmySglS-2jzPgMizpW5xY30EuFiZyGubLE_CGEmE9zBa0n3gOvN7I_0F2XrJ9hg-dfa0uNPzIiggLhfh1kPktdAZXCzipjpz_LrabtRs3r6jmbJut1jbNBxgLAMk90zai2QyDbESBSr3tJTl6-aEzZdE9ZzLKqO3xjYyn27sFOKVMRijd9soXmnn1vFDNsF48isajA5lR05LEYb34y0rfejtuKs1egdIIkp-f2rbPVmeVF37mZuzihF2VoLoJknjOZo2A95SQaKOWfdSfjYmz0bmRdNN2f3m_DWJkopClq1_3kVKJVNTSnWz0LlgdoJVRDOXYeDSGzw5nRbG9-ZySiA1sHe5Mo78chaeUwxkiBK2Fz1Ak_2dOW-GR_U0Q2keor0AmMb15dG2gfXBdYGU0dWVDsEcCgp3Aj4hqzxH1j0z6XZlir0oqNonDLfzWycNuaXHcoQJDDQw_WNlgSiM8uxkgbrixPpb3HsGne7sWHkHZ_xisCNelJlxSkfm3R4sF9VfY7OeM9nTjxlXrQEdFPU8RDS_eRcaDvcuh0O4nSgmlktodMef7fb0uJQn-qng33vLp3NwSq8aihz4_byDO10wDEUXiYLhbi1LGpDZWJbG-aJljmA45Be8R0rujZJcmEPr_9msrNGBndnkvDsWjS8qhQE1fe0-tMz0seUOqNGg5_hRO8JuQPcz-zQDG53eVtyM0yDyHjBUkl8sIevZBRCQeGAeMTlaJxrf_eO6PWYyfbbvHWHrn2awqVOvFYEt28BkdlKxib0VSFQ4g_Fpude4NtNlMnyiUbfOGCMqvxRhREM-qtbbwJOZig_u11020BNmhLWvwPuh9pJMEmbJHsH6Wd0KLKU6I_QIH85mFYuWri86SC7fyOYhSB4CfISYp3v6x_TALwiv6pb62Sxvxwzpyvt5Fl9KuoORUVsE2wpCbkEUNEI7ZARrXFO70BgP6-cQtsnXlk6p1mTci23nEYKzWOY2ESFsQLRdHDmc-NcgTxPZR0cBx8owzG45REg70koMJe9m-C8blaPeRUNHZlbd3bCvV7hh-O9euq3SDvI0CWI1tnNyNKGo2PgsWW_PIKev2j2kHkix5OjAG3sSadZ5yHNO-OOaLC1rXZsKaxwPs3yYa157cDNr3AmL3lLOPw3pIS2hp8cZzLwx1MLs3J5T4aZCromuPlA9-LeMb2dqliDFLxzsVwoKLM9oAL48pH0cT6-71-LBCucrThfie5GuM8hRDv69TkwM0vFQ9fn5fVjyeuk1NQw1qORDEYy61-3WETqA9EcugzzApNwceraWNY8FU_RiTHh2mWJxXksrxwDIJTFm8RKLUQgEQKEFIAZngb0IMEHqqeYBjt4JDg79OjOIk1rxThy2ikP28PbhFnE5DYXbWvd6tT3nR5VO5gBWqScMPOYdOb3lsnsEXwoU7Ya-32cwq5nNtRb2OigrIhFUHfuvWzX5kHYlEO9OcfrBa-zACPXHMNSqABCi3AMdpxdrvnGoq3FLDvdjMCqxyhNUvTQok26_VP1xZZMsSefotnO760yXE_kjrRujNeTt8fGV-PRM8o2QXOSonKVX4kJVMOx-On1O5qh1K6TCib0FL6OnY2Tp5LNssNU-IPYLuWihzeUoT1SeczNlTf5QALFelWH17uRTd4Q46FiIlHu0zF9UD7dzBZM60OWixLpDX8RoWdJsnfnrl9Ls52cBnKYrmzQoCABcXjCYiRmZFSD_hR2wpkh-YJ_7m5wcG2tHCBT_y9ArCfdoBANOyZ0_ZdATiKjOEiOTjYuEWY1_0cYtzp_XtcItldaNns-eqcsMxb7whXvLhj0AyXMNJ2bkxCMgVOgHty-Zuto7WEhDI_P_jnKzdQX5rD0ma9FqPiaU4rZEOdJabT4UZjNP-eGelpP6_0brume23aPezv-_qWfvaW608N2ZfY8KZGiZD6STeMGd8yFBym5HDFOCoDf67E2VCRQHN-3PcJn4v44hUxLK6k4ZiBh5YHQ_MjlAmytiOm_N2EmFb_pqQSZ3HBeSlSnEtoNZXYg5nuh1R0Talu_BWrNKGuw9RfGAjdjhrUgN7upgNTk2YcaeGggTsRMUWeq-S9-waq8yg2E7MtUxpgl5ci-J5s_BFkdjHla4fTVkgZGsKDrg7oSJ0ZC0wAX9rBVPMKx3R8dGJQkS3KDWB4ly3RUBc9JlGxAZ2sQzAp9uoe0sdTshOpRwv60O8zCM4hc90l97xJppkDc-U3dKHrs9VIZHlYt7529nZIUgzeHNRTSFP-f_pv2jZdI1-YP2u65Z_yKxG0Nd_sJl90L5bCE75yfyQWuAEB6NJMeGi5qLo4uITpwaLEYttX7m-X5BSH40-mew4lF1CWrOrF2uRBQ382zuSeF0tHMup0gnVHS1XE6fCso4etzjY1orTHi2UdfKJnjimmuuwykmm_UUD9GHlUGgltDloSqriWgOkU_bHBs8jLuegZ8FEaQQgEEjsALx4X_ykPXm0GGJk0k7RWDGIr2G6H-cbDCCiw20Nv8kF_3W0nCVspQr4ahEIM9zctteiX84KTVMrOdhgBYAE&cry=1

Request Chain 283

https://fw.adsafeprotected.com/rfw/bgd/1525518/72172419/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-CHnW4tRvN7xrlrsJWzW5o_9lyYQVWwzt6ZWZRLsqkkGE42KH8l0FvPdqvwEL_owQD8z8ahMbyXEevFxYeiuJH_OEXp14GYAcl7VN3Y1ueb1BElDKS2J591-Wd91apaMe1dTVUBcHBmgaa5l67kETvyofQGb63cfXs4EeRMrkU9fEpSbm4metaH8b9tI5jdFQZWy_buEtkUAKAmf-A40QHaEsHyRFmCKAIDVuEGZ-z_20v7sKqd4k3Bvd_PclE21c8RMKf6_tV3v_jPoCHAGBMULuAsKoQehcPq5RzFUseWlh1eS4cUDaH3lEno4PQjzthOXq7jPisCm4alcet_CmnD_BfYceJGPDjgPNYsWulEY9Bc57m3hMxxlZIokNJbhautg6dW1xmp6IQN7Dznkt0bn5KhwiVd_FboSJROBuvqAckRql1OijZG29s5o81fX8hmM8pferHag5KK5zra1pLN6hNiO4ynShVWj8pPkm8pIluHPyP3WFW9gZqszKQqOr3IBVofLeFNsGx2TbEUsF-eIptwa-pdP8PSW4YzdKsH6XsfRMuQvsJELNt33F3Eh8vkfq495P6eui71fwuJ79EfMMDW9rOXB7kmxSQY7VGtQqkSvro4TOwwtKoK-zrIvDSPxiLqPZ_O29sSMVUM8FPrQotVqPCdG8bgxl8LxR2FN3USVYZrmyQjqUzeN-P49TAlycWislB0CQhiqdxHrNn0EiptBJkgFG2Lh-j4VwtjlN6VhYUFVAHby9x6m4Kt_a4sykySdS4A_lCJuZW6vyxjYohzdd6pbl6NuHBCfUJWdacXp5b90ly3PUHG2RDPL7-5LcVte9sFXyymwuded8ceextKucmKmAAfc1iIK_pQMWMBt6dONoSEg2WshXWFZvi-bcu9F3_fWQABFY7hl4rAzo2g5p0jU7h35yh-7kyEHeIuLaqtPcQ3OFlAnx4NKdf0YSAgbQVJ2J4iU6bTrLZVf9iY48Ry4iyRaugbMqIH4EEVpKOscvtDqz5QfjopSu27XbqCorSNmBjwo-GGKHiohdl2EZgXdArB7og6UMeAtIcF-R59kJPcY4ZB0CXCwZ5ifIUyOedTaN22s4YYivKfqtvF3R3sxkZNSejbEIGc3dbXgLoASXwkO2zA7gjJDkyZl97ZTqWZL9SuwmIjDPKX0PkTCAGIZwergOML1uY6MC3xjiD_z2tKrmp_kbIfyZfGF_tVPoGYQWZn4ER39iPD_WsIogSonFFo-0tZqwVMIbLpP4DwPnDrOlHaF0mZsHwqBtOkDWvP8bzyHPWSKikSa2-iAYR1sA1U1fLARj_KmaZ0sFOZPakahGw9CdRqsxGZywXdO954IL0Rr2ue554I0TIpsSrrg_oSchQ9Ur0u-_wbCcmQXcWhxhbhbAWtc4jZzZQi_CKC9zncq1LGQcUwL9axz262a7IFC3ZmrL4EA4t71y4-JuKgCDPZXr8dqAhhKp0-6QtxLCk6RCRLgtqzzdWc7XDR57-FLy0jYNNxwj3RSMZsQ6UT-OHg7Pp1F6cAde2ReQ3Zkotf-20gViqUeYDRXsVcuNZwrwXrqY14hjP21GgJb2Ny5dXGjXhYI7ZnY5TIvniioW6H3c0q8qCCHsBKFujy_V-fRJ16ipD5EK8PjSD-cHPphdsVl0vdmmhbb1dVNNaJKmb4HkmL-E6jQ3UV1ETXjWikhCn_jetgYh102dqeSyLD5v8LG1UKRSp6JnAPE3sq8Whgo32iechi9SLvayVlzEupPXSakwhZNZqsKuEylP4A0dbcpTyXfHT5l929_TwS0xZN_tRewYDE2hlLTwAcP4ygsq_o_mP9LWXCMkFdA8mcytySc1sZ39ymW3Yh3j-lriLe2enlfogXZDwZnMfo_d6Uph8_z9Q2HC2rhNoj8RoweIktThVapIcRSpEqq4gStUOkZyYuJ1xks6kOeCrh6hn7-JqZzA-lzdlUqkbNlZUyJZEH3Ao1xu4B6bu3qDj3aGcaYio9EKi1-WfQOu9DAfsgKYFWHVrv7Np_CO78ub5wqEgsX-8F5pCkydYGwL7FA3jFRDIk4r8C8cpfE9CFfOhcvlzv562zPpKyMZUxjUHr7s2FBIz94U_lYd94mYp0Hu1TIUUZMfF9WTTVyCZZzQ3dGLiYPu5lAyc8JEdC1SCq4Z-YDXtjhEA_t8Gz568hYRoDnrUqcet6O6cfbaYn61xvQYJrfBllrc_SU61HJLvWFO8mx-ZybeVPc8FvqrNnq3jJoRzIMB4WDfH3I92nVdycamZsf2O571RHc8N8it7AYIx4Jpc6m0xBJb79ogZ4gpAvcQbcZUA0bbx94YhLLViYe_UoGqxW-8P8fDEPew-GW2Tsq-TXhZ77YPaydn8CGTfiTiho2TweAMH_K24HDRuq-5Mpxl_HnHCc0nSWXWxqMarLKTsrAdf_ECeMVfRV0n5qhIy53cvfLbQLGoyopP7FZjhbfVJahOJHVv4hANTsxNdTQCJYn6Q0St7DJrUunCcbmxKH4FatxsEbV9ni2Bj2ksC1hz4i60krKylvy-NvRJycGtySN8E8BxPgKZ74URctGkVQcAQVo_TCYaZOSdiKKC-jmuTV2wBzJZcM_l_4f3_6qKvrvZNy1TMxOXhTiVXqfq9YsOoI0eOVAUtuj929TDG3B3BsXgtpfCqA1VHS8LmLuN5iOzmeVil_AXwi5FyNtnZax8ysLX6wEsQ9b6s38myOa5WgALlSBdGKiHSxSj_qwqSUvkvg3S2DQl1qRFeAoJhm4P5-Yc7seqhxgpBsC4_gihfKMtams6ucs5o0JQyut1e-Yiyo-7QSrz1gQL0VlQN81tvPf0_butGiHL7DK_PEmlc_b30d8-hpISsxusR46UypCpKeqlqW39kpsqBM4Eqw-JfbYyA7QxQAwjLQau56vs01FO3b8Gvw3q_OhXZ9DARq1LkBc3-moIzqNmH5Qk5FxAGUDzZMZWXGECQSbu6jbIU5kBH1QYWNkoXINoEllbBve-j_MlNtL3O1MlhLvgVaD3v-6qaSNf5JrBzHJfO1-CPrNiIOe3TPebfJ5vqqWgu9XSKd17o7I8DWkUVWMiWCAipjbY8-QtSum6sX0-GFdLzjWPmep3KCVAYQgd1DLE5tbIpdX-bMJprhGCAJOm9Qu1AXZIbUR3YqFIg3_FRhEtPXYCnF3RYrDWHz8ihiT1FMhqW-Ks--mZPLIHWUNKld1W7HCk_BMJ2KwRytL2PZtDFlJVYT9HxHn9uPtapq3inlMaQisgjFNHxewJmVBaBRAQKniVF8dnBs1uIBafYZwSQrbYkguE0hnnoHOjZzu5Rv0Db_3Spxv36R7c0YZStrYof2mER_WmZn7VJ2WkDCry3tJX3XPii162xUu79fZ-w3gDYnUGW89NfNpWEfQqlCEJdMYeF2Kyn4KqDclmvqHyjpAWEQQDAOK5qoZpxi5ddkEYaQH2fhLlJAYs6MLIs0jVBtV4SCLT2iNnGUBP7dho8255gfIgr-TImhCp0CteTGea2VIMnRlriqOli17SKSm-90sf9wV4qVyIp1PtdISdd4LFW9EJznQ7BGhCpaOJ6reQlpYzGgj2fctDn4vJZS4tnIen8X-pl7bnxVnEVwrXQkYRdKB8D-buodRoNVDrja-2OiXnrazNB0K-l9l7zsk2nmy79Kou0WzNYzox7GG4E0-2Fb51MKm7G0tG1av4vgDlXm5T_BZ8GKf8h858C5sGR0GkEIBBI7AC8eF_8pD15tBhiZNJO0VgxiK9huh_nGwwgosNtDb_JBf91tJwlbKUK-GoRCDPc3LbXol_OCk1TKznYYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=20259181566&bidurl=https://randomgenerate.io/cpf-generator&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jwHMlOfo9NCMXeXjyXr71t&adsafe_url=https%3A%2F%2Frandomgenerate.io&adsafe_type=y&adsafe_url=https%3A%2F%2Frandomgenerate.io%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:b7e846e2-d4ab-a3ec-b803-79dc6ca0f9cc,c:2IehY6,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74b57f8799-sjbb8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:u2M3uE3+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C182%7C19*.1525518-72172419%7C191%7C1a1%7C1a2%7C1b11%7C1b12%7C1c%7C1d,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:16,oid:18b1430b-becc-11ee-8eaf-e24352b42a0b,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-CHnW4tRvN7xrlrsJWzW5o_9lyYQVWwzt6ZWZRLsqkkGE42KH8l0FvPdqvwEL_owQD8z8ahMbyXEevFxYeiuJH_OEXp14GYAcl7VN3Y1ueb1BElDKS2J591-Wd91apaMe1dTVUBcHBmgaa5l67kETvyofQGb63cfXs4EeRMrkU9fEpSbm4metaH8b9tI5jdFQZWy_buEtkUAKAmf-A40QHaEsHyRFmCKAIDVuEGZ-z_20v7sKqd4k3Bvd_PclE21c8RMKf6_tV3v_jPoCHAGBMULuAsKoQehcPq5RzFUseWlh1eS4cUDaH3lEno4PQjzthOXq7jPisCm4alcet_CmnD_BfYceJGPDjgPNYsWulEY9Bc57m3hMxxlZIokNJbhautg6dW1xmp6IQN7Dznkt0bn5KhwiVd_FboSJROBuvqAckRql1OijZG29s5o81fX8hmM8pferHag5KK5zra1pLN6hNiO4ynShVWj8pPkm8pIluHPyP3WFW9gZqszKQqOr3IBVofLeFNsGx2TbEUsF-eIptwa-pdP8PSW4YzdKsH6XsfRMuQvsJELNt33F3Eh8vkfq495P6eui71fwuJ79EfMMDW9rOXB7kmxSQY7VGtQqkSvro4TOwwtKoK-zrIvDSPxiLqPZ_O29sSMVUM8FPrQotVqPCdG8bgxl8LxR2FN3USVYZrmyQjqUzeN-P49TAlycWislB0CQhiqdxHrNn0EiptBJkgFG2Lh-j4VwtjlN6VhYUFVAHby9x6m4Kt_a4sykySdS4A_lCJuZW6vyxjYohzdd6pbl6NuHBCfUJWdacXp5b90ly3PUHG2RDPL7-5LcVte9sFXyymwuded8ceextKucmKmAAfc1iIK_pQMWMBt6dONoSEg2WshXWFZvi-bcu9F3_fWQABFY7hl4rAzo2g5p0jU7h35yh-7kyEHeIuLaqtPcQ3OFlAnx4NKdf0YSAgbQVJ2J4iU6bTrLZVf9iY48Ry4iyRaugbMqIH4EEVpKOscvtDqz5QfjopSu27XbqCorSNmBjwo-GGKHiohdl2EZgXdArB7og6UMeAtIcF-R59kJPcY4ZB0CXCwZ5ifIUyOedTaN22s4YYivKfqtvF3R3sxkZNSejbEIGc3dbXgLoASXwkO2zA7gjJDkyZl97ZTqWZL9SuwmIjDPKX0PkTCAGIZwergOML1uY6MC3xjiD_z2tKrmp_kbIfyZfGF_tVPoGYQWZn4ER39iPD_WsIogSonFFo-0tZqwVMIbLpP4DwPnDrOlHaF0mZsHwqBtOkDWvP8bzyHPWSKikSa2-iAYR1sA1U1fLARj_KmaZ0sFOZPakahGw9CdRqsxGZywXdO954IL0Rr2ue554I0TIpsSrrg_oSchQ9Ur0u-_wbCcmQXcWhxhbhbAWtc4jZzZQi_CKC9zncq1LGQcUwL9axz262a7IFC3ZmrL4EA4t71y4-JuKgCDPZXr8dqAhhKp0-6QtxLCk6RCRLgtqzzdWc7XDR57-FLy0jYNNxwj3RSMZsQ6UT-OHg7Pp1F6cAde2ReQ3Zkotf-20gViqUeYDRXsVcuNZwrwXrqY14hjP21GgJb2Ny5dXGjXhYI7ZnY5TIvniioW6H3c0q8qCCHsBKFujy_V-fRJ16ipD5EK8PjSD-cHPphdsVl0vdmmhbb1dVNNaJKmb4HkmL-E6jQ3UV1ETXjWikhCn_jetgYh102dqeSyLD5v8LG1UKRSp6JnAPE3sq8Whgo32iechi9SLvayVlzEupPXSakwhZNZqsKuEylP4A0dbcpTyXfHT5l929_TwS0xZN_tRewYDE2hlLTwAcP4ygsq_o_mP9LWXCMkFdA8mcytySc1sZ39ymW3Yh3j-lriLe2enlfogXZDwZnMfo_d6Uph8_z9Q2HC2rhNoj8RoweIktThVapIcRSpEqq4gStUOkZyYuJ1xks6kOeCrh6hn7-JqZzA-lzdlUqkbNlZUyJZEH3Ao1xu4B6bu3qDj3aGcaYio9EKi1-WfQOu9DAfsgKYFWHVrv7Np_CO78ub5wqEgsX-8F5pCkydYGwL7FA3jFRDIk4r8C8cpfE9CFfOhcvlzv562zPpKyMZUxjUHr7s2FBIz94U_lYd94mYp0Hu1TIUUZMfF9WTTVyCZZzQ3dGLiYPu5lAyc8JEdC1SCq4Z-YDXtjhEA_t8Gz568hYRoDnrUqcet6O6cfbaYn61xvQYJrfBllrc_SU61HJLvWFO8mx-ZybeVPc8FvqrNnq3jJoRzIMB4WDfH3I92nVdycamZsf2O571RHc8N8it7AYIx4Jpc6m0xBJb79ogZ4gpAvcQbcZUA0bbx94YhLLViYe_UoGqxW-8P8fDEPew-GW2Tsq-TXhZ77YPaydn8CGTfiTiho2TweAMH_K24HDRuq-5Mpxl_HnHCc0nSWXWxqMarLKTsrAdf_ECeMVfRV0n5qhIy53cvfLbQLGoyopP7FZjhbfVJahOJHVv4hANTsxNdTQCJYn6Q0St7DJrUunCcbmxKH4FatxsEbV9ni2Bj2ksC1hz4i60krKylvy-NvRJycGtySN8E8BxPgKZ74URctGkVQcAQVo_TCYaZOSdiKKC-jmuTV2wBzJZcM_l_4f3_6qKvrvZNy1TMxOXhTiVXqfq9YsOoI0eOVAUtuj929TDG3B3BsXgtpfCqA1VHS8LmLuN5iOzmeVil_AXwi5FyNtnZax8ysLX6wEsQ9b6s38myOa5WgALlSBdGKiHSxSj_qwqSUvkvg3S2DQl1qRFeAoJhm4P5-Yc7seqhxgpBsC4_gihfKMtams6ucs5o0JQyut1e-Yiyo-7QSrz1gQL0VlQN81tvPf0_butGiHL7DK_PEmlc_b30d8-hpISsxusR46UypCpKeqlqW39kpsqBM4Eqw-JfbYyA7QxQAwjLQau56vs01FO3b8Gvw3q_OhXZ9DARq1LkBc3-moIzqNmH5Qk5FxAGUDzZMZWXGECQSbu6jbIU5kBH1QYWNkoXINoEllbBve-j_MlNtL3O1MlhLvgVaD3v-6qaSNf5JrBzHJfO1-CPrNiIOe3TPebfJ5vqqWgu9XSKd17o7I8DWkUVWMiWCAipjbY8-QtSum6sX0-GFdLzjWPmep3KCVAYQgd1DLE5tbIpdX-bMJprhGCAJOm9Qu1AXZIbUR3YqFIg3_FRhEtPXYCnF3RYrDWHz8ihiT1FMhqW-Ks--mZPLIHWUNKld1W7HCk_BMJ2KwRytL2PZtDFlJVYT9HxHn9uPtapq3inlMaQisgjFNHxewJmVBaBRAQKniVF8dnBs1uIBafYZwSQrbYkguE0hnnoHOjZzu5Rv0Db_3Spxv36R7c0YZStrYof2mER_WmZn7VJ2WkDCry3tJX3XPii162xUu79fZ-w3gDYnUGW89NfNpWEfQqlCEJdMYeF2Kyn4KqDclmvqHyjpAWEQQDAOK5qoZpxi5ddkEYaQH2fhLlJAYs6MLIs0jVBtV4SCLT2iNnGUBP7dho8255gfIgr-TImhCp0CteTGea2VIMnRlriqOli17SKSm-90sf9wV4qVyIp1PtdISdd4LFW9EJznQ7BGhCpaOJ6reQlpYzGgj2fctDn4vJZS4tnIen8X-pl7bnxVnEVwrXQkYRdKB8D-buodRoNVDrja-2OiXnrazNB0K-l9l7zsk2nmy79Kou0WzNYzox7GG4E0-2Fb51MKm7G0tG1av4vgDlXm5T_BZ8GKf8h858C5sGR0GkEIBBI7AC8eF_8pD15tBhiZNJO0VgxiK9huh_nGwwgosNtDb_JBf91tJwlbKUK-GoRCDPc3LbXol_OCk1TKznYYAWAB&cry=1

Request Chain 285

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 293

https://fw.adsafeprotected.com/rfw/bgd/1525518/72172419/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-CDKo2X86noEY_cVD5D7bODgX0nJKGqWMopmSeUoxdxFxYUUi30Wds4smSU9rNR9XU5z1JYy3zJK9xBJW0GL0LUnRyLxxxh3ZPiDzwcY47wzPFhFhMO3TJ5erKy9TuWe7xTa2zxAHllMEG4CZCYiNAo7R-PSu6yVseEq1tJFKfezo6xOHcTlZLMBkQHI2lt4CRuj8hnEskUAKAmf-A4pPVEG0UW-n-n1Zdmi_ZeZtyka4lkMZVYsfi6WLNv68ypRzzc4HwlZK7AXlL-kPE8oZQ8R3AbNllo1wGgFPIo396X9wDNSHPrb42uAwqh54AHkwl2s4R7XVwPxyVTSPaJ7L4mpUPL5PQRpjQNYEiUjxIMo4U6LaUA8AYsNUT6DEGATBYZdIYIgMHaG2m7hNSYYBEzWwB1AWx3CoP54GUT7xhCIOrJQDMqJHKZ-JXDxX3a7i9yG-uWINVQ8EsTtg4eH6A6ZBzCy0sIHQSz65VZGEKhbdPlWUZU_5PJ8RqsHtJd6jUDGHw_aYyAwEFQG1a1StJok9P5557Xwg08stRAw24-SIRv1voXZ-eHjKsjbCZYxMO_-q_D0Oq6FDvwZHP88sFYovswEiuZABwPN4CCEdB0X4b3tshQVhe7W3zgnGw9H8m5BpAoEYHbUPlRFLEj0q2t91Ciqvv7IGXEWqjDBTXKss5ufVRgs3MhvloLj2ijaZ58GVqF7IRNP8ec1_czeoLombdBVxiF3nWPu09tVfyn20aKIp8fW8u3E4bqqOgsZfzOk4_zmu72lM1vd3pThtSNm-NqhshSLilJntYfE89m3kNFVcdF-AMDTN5a0Ef74EVYEwdd-pvlzd_wOoTwyx56ZS_kcSFcb3UYewBX8bdtBWwCUiYnu4LowWSM-Pc5jOhCguXL7IDBg-sQdm3P9gZZmlJOMul87eWSix9tH31SIbrKeXo9Dkn-nn-MCn5Pw6HXd1yia35rs7BVjgE2WcbYtSvZFgCn_QTOn90CN1jn3abAGfwaqLOZpNZrVe8AbZmsgPdpVLrkVhiFwKUgfcBELb0rnAkgNVVHEPmMSk-mgkQ0cOku2uAIIrIKTYD_FLN9qCq-4fQTkiPDvCnI_e8VwQy5MwebWa2oKHff7bgi43Tf5YcgaXWzH4n-6gBZkBhCy54AZOoH0Mdb2tT3AHGl773VX5A4LUs8sp8Wuaa5JAllwURog_vtdq1sIxcNn1F69IjgKBTK4-f9s80UHgBpUNi04OWw40wkhi2dBddlbc9XbqyS5vJqdJQlcUqg_1JkXum9-zhXCC8jZn8p0gcVFdJLqDi2gvUdIZfrE2pC3fDAXcKTQtoLF1k83qwtT10mXjNb_buN7wExbuHP543UwLCVITznMWbi7SC0qRPxnMknZIRLtE7itKzXXMWESfqc1cOtPG18vT-dhSYalrJoJeWQEf_TI4vtVfB_F6kP38qvh2JjgtprtK0QamUf0hhZPOEmZ-DX3dMI8-ARjTkGb1KZUySPu1sXYoe7MLn9GCF3XDSF3eokY7TIOjqLPLsm07wU1IjLoxqdvjMnXd78pYR191RneaLHESyYnkB-i-Mf_OaSfNA8eFDjDjIHrQPos1OfFuKLoaADfgpEf1SbyFeuXIf1I50pnROhzBmEI5Kou0WPvxmofYKURNwKYIjnjL9e_MWnVx68tft0-ystnH9zkkZKwdikQARmPNm9j5MFU85jP1U8Ihqi3GSvnbwkx2mUFgPPRehtljLn_n28kgA8DaC55amBaw-KbxVe98ldwjhCiy3HIjZ_Ll3GAxp0znU6IDFZdYM7wccXq6xS20djpWICnyBf_lFNQdGd9ghY0GX-LHJfuVmBA2BbmlbXl0_nyNBsktOvD_ISyK_DbNDPupMZlq0bJWIDpEQfEZ8Xw5y7fS61U8A1YabsXCqDtH0XlrLqq58uTZwE-zmXiY69Ay2g-Upkyk26vVAzR5e2YfJOgENJlKgLos1dJiulehw23WdQVNZrDgLAHNTx2dFDtnohsIIwB1nvcT5xPMtvk3qMgvze_t6Xjok542ubdwyfSmylxHJDO5gt355n71Zb3kmmZyZddmM8JBIbd3NlfXBtk1ypQ7gch1epVPZqkUZelLEswOyOJEx8d0zh5Y4FYNkb3-DKnD3LUK2oAvXawx4hOpiEfVN8cxyzw_taJSsp5enZR2OZ8OagtgojwXoRDcy0JHmEBq20OyxpyZGUvaMSLW1xzpXuQrvxE_vmPoYL27-Ds5Jj5E6bmbgyjS_7XIJFxBwXuCRkek6QbMv4DgSL3z0GucWRrD2IvxbZexPE9GcnVM_MR0X86UHnpGkL3h-dYsPPQ5bYJELkZrhImnKCuDk71bhnN5HJok2_xSymVJdCfRXPaMBT-qBAqrm_4fGhsexaJjv2IKoIQv5wDQpQMa9iTNhswVYknrxXeRQK_A7cDRQiE7-OhvL0LnSSbJt6U0rIaI6TU09E5TDPIyuQnKPor4KOlj-sUSVIzVJ6ScmWYlfdpV2VXlaXxDJUQBtY2_REp4jAER4dMfr2DEREjMMmrD51sfg_09Ckm5978ueKWRSZlWyJJxOlpnvsAd8_26gofChyVkd5pfKF4whAmMUoG2JlQbyNnmRKPCcgXgZq6e8nOYUMvttACgPhHv8QZ31R6BrS8sfae7e9VS1851oVTM1q5ifPXw0rPEeHDcSb52o-HCHiJdTAr5HmLecs2iOUAi3yW6GsPUjkZ9HRUv0xxGV3CAaQlhD9Wy5hop_p9JKmA_bUdbveyzAYPBjQdsrJ_L0VvJcOMT2vybQWuD_qhh_lgQfeci_RhhoSpDGZ6BAKjzAWzz_ojSSekkjeHbN1r32NTcFoC6WPoISWBj-scLimjXJ5fNInfnsSaMYvJbMYWuxdGov3xRZdMIr3-DT0Bp8tFdqpZYyk3X7uZpk_Bb5gc5lpuI5-LIgOa-QzSISnLEHDNoNew1p0Pdco06V-9uQ80R6veA4-ZLrS6XVud1UTw2wJko4IHd9esj6voAdyqKEqwKr3x8XLel7iuQWIAUVsZ0O96uh21Shw82ynSwaNm7kPMlmpbc-_KAhDi0opOrTGeD4hqvpoTo7JZQB6Dh7MDCoRv7VP5piLGfqxKAw1IEGUUlUni225CG2ckvocQVcAfRwVmAI-FOkC_GjhrU5FjFgWnmJOWYBe_2fh9dushQ7CBXkkONFcSvaN98wqzK_NDt4ZNQIK_s-DkG-x9RxV-gzYyuam3ImtFtlq14NdP_i18oaRydhPBcX3xbtPAXATdggiegpq43ZeWpuSppHCGgPN804xSdYhZXgWD4LiNnxTbxXPSW68TW96xXgOxfZU_XARavBqmC4zmeAAY9mBk3JlHp3GbksLmXE0LxSEjMG_Hm_8SUV-djiuhSjDIMl9lS1M3CKZDmX_7P9ONZXXGNUJViJf0XrALTAGQJpbhxNUqKoSJ3Ejc24uBMklX4OR7WLZt90JCY70zmtXV7-ZGs_ff_6LsMrNHi4kL2QmhJl1UGLgWZ9QcYB33THLF-r1ZnUlORJ0rkgutfND6MRVHXoM4rSzkuIr23nW3XAw6F28rzCJzH_Vq4Fr-2VB7FLFgxvaWeICOnb5-m0JJoMJPdpkubt4bQFAE6NL1xshveR7bnRJTOyAEZbfg0XMXgEQ3aFoicKL3SJ0qF-9mCE8NGPtagsBcVTmP8vwIdCyYO922VgaQQgEEjsALx4X_9Xn435f_tEqxLqzlQjQ8ZzYZ_KGPS8obIgm-75V0Z7FKOr1w3xodVCexMTEdVrqi0fAW9Bg2hgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=20259181566&bidurl=https://randomgenerate.io/cpf-generator&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j8qcebmfGpnEje59UIA44M&adsafe_url=https%3A%2F%2Frandomgenerate.io&adsafe_type=y&adsafe_url=https%3A%2F%2Frandomgenerate.io%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6407d2df-5356-9d3d-318c-b2021426d899,c:2IehZh,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74b57f8799-fkw98,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:u2M3uFh+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525518-72172419%7C171%7C181%7C182%7C191%7C192%7C1a1%7C1a2%7C1b11%7C1b12%7C1c1%7C1d,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:12,oid:18b90b91-becc-11ee-a436-6e3db5407d6d,v:19.8.476,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-CDKo2X86noEY_cVD5D7bODgX0nJKGqWMopmSeUoxdxFxYUUi30Wds4smSU9rNR9XU5z1JYy3zJK9xBJW0GL0LUnRyLxxxh3ZPiDzwcY47wzPFhFhMO3TJ5erKy9TuWe7xTa2zxAHllMEG4CZCYiNAo7R-PSu6yVseEq1tJFKfezo6xOHcTlZLMBkQHI2lt4CRuj8hnEskUAKAmf-A4pPVEG0UW-n-n1Zdmi_ZeZtyka4lkMZVYsfi6WLNv68ypRzzc4HwlZK7AXlL-kPE8oZQ8R3AbNllo1wGgFPIo396X9wDNSHPrb42uAwqh54AHkwl2s4R7XVwPxyVTSPaJ7L4mpUPL5PQRpjQNYEiUjxIMo4U6LaUA8AYsNUT6DEGATBYZdIYIgMHaG2m7hNSYYBEzWwB1AWx3CoP54GUT7xhCIOrJQDMqJHKZ-JXDxX3a7i9yG-uWINVQ8EsTtg4eH6A6ZBzCy0sIHQSz65VZGEKhbdPlWUZU_5PJ8RqsHtJd6jUDGHw_aYyAwEFQG1a1StJok9P5557Xwg08stRAw24-SIRv1voXZ-eHjKsjbCZYxMO_-q_D0Oq6FDvwZHP88sFYovswEiuZABwPN4CCEdB0X4b3tshQVhe7W3zgnGw9H8m5BpAoEYHbUPlRFLEj0q2t91Ciqvv7IGXEWqjDBTXKss5ufVRgs3MhvloLj2ijaZ58GVqF7IRNP8ec1_czeoLombdBVxiF3nWPu09tVfyn20aKIp8fW8u3E4bqqOgsZfzOk4_zmu72lM1vd3pThtSNm-NqhshSLilJntYfE89m3kNFVcdF-AMDTN5a0Ef74EVYEwdd-pvlzd_wOoTwyx56ZS_kcSFcb3UYewBX8bdtBWwCUiYnu4LowWSM-Pc5jOhCguXL7IDBg-sQdm3P9gZZmlJOMul87eWSix9tH31SIbrKeXo9Dkn-nn-MCn5Pw6HXd1yia35rs7BVjgE2WcbYtSvZFgCn_QTOn90CN1jn3abAGfwaqLOZpNZrVe8AbZmsgPdpVLrkVhiFwKUgfcBELb0rnAkgNVVHEPmMSk-mgkQ0cOku2uAIIrIKTYD_FLN9qCq-4fQTkiPDvCnI_e8VwQy5MwebWa2oKHff7bgi43Tf5YcgaXWzH4n-6gBZkBhCy54AZOoH0Mdb2tT3AHGl773VX5A4LUs8sp8Wuaa5JAllwURog_vtdq1sIxcNn1F69IjgKBTK4-f9s80UHgBpUNi04OWw40wkhi2dBddlbc9XbqyS5vJqdJQlcUqg_1JkXum9-zhXCC8jZn8p0gcVFdJLqDi2gvUdIZfrE2pC3fDAXcKTQtoLF1k83qwtT10mXjNb_buN7wExbuHP543UwLCVITznMWbi7SC0qRPxnMknZIRLtE7itKzXXMWESfqc1cOtPG18vT-dhSYalrJoJeWQEf_TI4vtVfB_F6kP38qvh2JjgtprtK0QamUf0hhZPOEmZ-DX3dMI8-ARjTkGb1KZUySPu1sXYoe7MLn9GCF3XDSF3eokY7TIOjqLPLsm07wU1IjLoxqdvjMnXd78pYR191RneaLHESyYnkB-i-Mf_OaSfNA8eFDjDjIHrQPos1OfFuKLoaADfgpEf1SbyFeuXIf1I50pnROhzBmEI5Kou0WPvxmofYKURNwKYIjnjL9e_MWnVx68tft0-ystnH9zkkZKwdikQARmPNm9j5MFU85jP1U8Ihqi3GSvnbwkx2mUFgPPRehtljLn_n28kgA8DaC55amBaw-KbxVe98ldwjhCiy3HIjZ_Ll3GAxp0znU6IDFZdYM7wccXq6xS20djpWICnyBf_lFNQdGd9ghY0GX-LHJfuVmBA2BbmlbXl0_nyNBsktOvD_ISyK_DbNDPupMZlq0bJWIDpEQfEZ8Xw5y7fS61U8A1YabsXCqDtH0XlrLqq58uTZwE-zmXiY69Ay2g-Upkyk26vVAzR5e2YfJOgENJlKgLos1dJiulehw23WdQVNZrDgLAHNTx2dFDtnohsIIwB1nvcT5xPMtvk3qMgvze_t6Xjok542ubdwyfSmylxHJDO5gt355n71Zb3kmmZyZddmM8JBIbd3NlfXBtk1ypQ7gch1epVPZqkUZelLEswOyOJEx8d0zh5Y4FYNkb3-DKnD3LUK2oAvXawx4hOpiEfVN8cxyzw_taJSsp5enZR2OZ8OagtgojwXoRDcy0JHmEBq20OyxpyZGUvaMSLW1xzpXuQrvxE_vmPoYL27-Ds5Jj5E6bmbgyjS_7XIJFxBwXuCRkek6QbMv4DgSL3z0GucWRrD2IvxbZexPE9GcnVM_MR0X86UHnpGkL3h-dYsPPQ5bYJELkZrhImnKCuDk71bhnN5HJok2_xSymVJdCfRXPaMBT-qBAqrm_4fGhsexaJjv2IKoIQv5wDQpQMa9iTNhswVYknrxXeRQK_A7cDRQiE7-OhvL0LnSSbJt6U0rIaI6TU09E5TDPIyuQnKPor4KOlj-sUSVIzVJ6ScmWYlfdpV2VXlaXxDJUQBtY2_REp4jAER4dMfr2DEREjMMmrD51sfg_09Ckm5978ueKWRSZlWyJJxOlpnvsAd8_26gofChyVkd5pfKF4whAmMUoG2JlQbyNnmRKPCcgXgZq6e8nOYUMvttACgPhHv8QZ31R6BrS8sfae7e9VS1851oVTM1q5ifPXw0rPEeHDcSb52o-HCHiJdTAr5HmLecs2iOUAi3yW6GsPUjkZ9HRUv0xxGV3CAaQlhD9Wy5hop_p9JKmA_bUdbveyzAYPBjQdsrJ_L0VvJcOMT2vybQWuD_qhh_lgQfeci_RhhoSpDGZ6BAKjzAWzz_ojSSekkjeHbN1r32NTcFoC6WPoISWBj-scLimjXJ5fNInfnsSaMYvJbMYWuxdGov3xRZdMIr3-DT0Bp8tFdqpZYyk3X7uZpk_Bb5gc5lpuI5-LIgOa-QzSISnLEHDNoNew1p0Pdco06V-9uQ80R6veA4-ZLrS6XVud1UTw2wJko4IHd9esj6voAdyqKEqwKr3x8XLel7iuQWIAUVsZ0O96uh21Shw82ynSwaNm7kPMlmpbc-_KAhDi0opOrTGeD4hqvpoTo7JZQB6Dh7MDCoRv7VP5piLGfqxKAw1IEGUUlUni225CG2ckvocQVcAfRwVmAI-FOkC_GjhrU5FjFgWnmJOWYBe_2fh9dushQ7CBXkkONFcSvaN98wqzK_NDt4ZNQIK_s-DkG-x9RxV-gzYyuam3ImtFtlq14NdP_i18oaRydhPBcX3xbtPAXATdggiegpq43ZeWpuSppHCGgPN804xSdYhZXgWD4LiNnxTbxXPSW68TW96xXgOxfZU_XARavBqmC4zmeAAY9mBk3JlHp3GbksLmXE0LxSEjMG_Hm_8SUV-djiuhSjDIMl9lS1M3CKZDmX_7P9ONZXXGNUJViJf0XrALTAGQJpbhxNUqKoSJ3Ejc24uBMklX4OR7WLZt90JCY70zmtXV7-ZGs_ff_6LsMrNHi4kL2QmhJl1UGLgWZ9QcYB33THLF-r1ZnUlORJ0rkgutfND6MRVHXoM4rSzkuIr23nW3XAw6F28rzCJzH_Vq4Fr-2VB7FLFgxvaWeICOnb5-m0JJoMJPdpkubt4bQFAE6NL1xshveR7bnRJTOyAEZbfg0XMXgEQ3aFoicKL3SJ0qF-9mCE8NGPtagsBcVTmP8vwIdCyYO922VgaQQgEEjsALx4X_9Xn435f_tEqxLqzlQjQ8ZzYZ_KGPS8obIgm-75V0Z7FKOr1w3xodVCexMTEdVrqi0fAW9Bg2hgBYAE&cry=1

Request Chain 358

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGdO9Jp_e7ls52PApx8JfiY&google_cver=1&google_push=AXcoOmTHPWbTMphR0HRgFiKTBusiVD1TyYqfHsMJ2B6I7nQEc55-ltD2XocVjmhluqinXE_nbs9hXQS7wRYuvqCDFgW87GGgDGCepA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTHPWbTMphR0HRgFiKTBusiVD1TyYqfHsMJ2B6I7nQEc55-ltD2XocVjmhluqinXE_nbs9hXQS7wRYuvqCDFgW87GGgDGCepA&google_hm=gY5WBB_LSiei5gfx1VzWlGc

Request Chain 359

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESELItfHpwJs7N7_oWqQzH3yk&google_cver=1&google_push=AXcoOmTbCfZOgkuwEUVD8gNDE_Hx9Jjfa9gMXfqqD_R3ojCa6GF-SxnkE1vz2MhSAIR7IiI3jjV4lagkkzXg4l1OY_ph8Geej3khng HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTbCfZOgkuwEUVD8gNDE_Hx9Jjfa9gMXfqqD_R3ojCa6GF-SxnkE1vz2MhSAIR7IiI3jjV4lagkkzXg4l1OY_ph8Geej3khng

Request Chain 360

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEA-Vk3TTIFP69PfO0K4Zu4M&google_cver=1&google_push=AXcoOmQwnfzUGwNnWt-5YTw3ltFO8tMGM6TzxucAtlvxE0s1I0MTKntFdkhBoLQcyAi77CSkmKzrQ8OKfwWBDV-gWmMnzwyZSAiTzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQwnfzUGwNnWt-5YTw3ltFO8tMGM6TzxucAtlvxE0s1I0MTKntFdkhBoLQcyAi77CSkmKzrQ8OKfwWBDV-gWmMnzwyZSAiTzQ&google_hm=eS02cjFRVFdSRTJwSDB4UFFncUVhZXVOZmp5aEpXaVBDSH5B

Request Chain 362

https://cs.media.net/cksync?type=g&google_gid=CAESECX4aIywDMFaSFu9bvYhHVI&google_cver=1&google_push=AXcoOmR0_JWgohAPwBo1sbFfd8_K4pj2Io1ntj4y9yfRbCPuUT27Zi0RuH-2rUQY0-vSGmErF3dy0vylz8oHXoXFifHDIroUz1JQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ5NTUxMDMxOTA4NTUzODAwMFYxMA%3d%3d&mn_hm=MzQ5NTUxMDMxOTA4NTUzODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR0_JWgohAPwBo1sbFfd8_K4pj2Io1ntj4y9yfRbCPuUT27Zi0RuH-2rUQY0-vSGmErF3dy0vylz8oHXoXFifHDIroUz1JQ&gdpr=&gdpr_consent=

Request Chain 371

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFaQI2ZLhdqL2no0Erym_V8&google_cver=1&google_push=AXcoOmQyOT5EgAm4ksgDKpxaxy3MZe1IL0aW2xj32jUl3rY4bStIhciZx08LKsXCJfMb8YdCFhfC80h-i2ItbuLzaFzOyISO98I&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQyOT5EgAm4ksgDKpxaxy3MZe1IL0aW2xj32jUl3rY4bStIhciZx08LKsXCJfMb8YdCFhfC80h-i2ItbuLzaFzOyISO98I%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFaQI2ZLhdqL2no0Erym_V8&google_cver=1&google_push=AXcoOmQyOT5EgAm4ksgDKpxaxy3MZe1IL0aW2xj32jUl3rY4bStIhciZx08LKsXCJfMb8YdCFhfC80h-i2ItbuLzaFzOyISO98I&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQyOT5EgAm4ksgDKpxaxy3MZe1IL0aW2xj32jUl3rY4bStIhciZx08LKsXCJfMb8YdCFhfC80h-i2ItbuLzaFzOyISO98I%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 372

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFdY4Idy-M6mkx4MRH6abrw&google_cver=1&google_push=AXcoOmTzD0McDetZGRoIiuhYcoz_hYQQUj0ir1zT3KEY7mdiJqsZ3AjFhGGXHt9wIOl0dtD97d8ppljzPdLeW9-Z1Z09Ki5py9I HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFdY4Idy-M6mkx4MRH6abrw&google_cver=1&google_push=AXcoOmTzD0McDetZGRoIiuhYcoz_hYQQUj0ir1zT3KEY7mdiJqsZ3AjFhGGXHt9wIOl0dtD97d8ppljzPdLeW9-Z1Z09Ki5py9I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTYzMzc0OTkwMTkxNTY0MDc1Mw&google_push=AXcoOmTzD0McDetZGRoIiuhYcoz_hYQQUj0ir1zT3KEY7mdiJqsZ3AjFhGGXHt9wIOl0dtD97d8ppljzPdLeW9-Z1Z09Ki5py9I

Request Chain 373

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEYmOx8TVHU4UuqzhOyU4Sw&google_cver=1&google_push=AXcoOmQ10NIlQYTUbMEDIX9hP-Xz1gRDjuzQzpSIfMzfVeHHA7a5ulFbMMHq6QHkZOCWXl0ob9L6g2GCSfoGvh1f-T3C56he0_4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=S94_zfCQUQJN8qREmDqwTFD_B2c&google_push=AXcoOmQ10NIlQYTUbMEDIX9hP-Xz1gRDjuzQzpSIfMzfVeHHA7a5ulFbMMHq6QHkZOCWXl0ob9L6g2GCSfoGvh1f-T3C56he0_4

Request Chain 374

https://ads.yieldmo.com/exptsync?google_gid=CAESEPEaxheVv5Nx7oR_CXnGoF4&google_cver=1&google_push=AXcoOmRVoAw2cnHnI3j-UsklS5qxSMjNbnKmra5Hs0XsFyIYsGSmgJJbKkoxMfvXuUI8Lp5eXgHFa-EaQho2vgeWpOMNAlXBJ6I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRVoAw2cnHnI3j-UsklS5qxSMjNbnKmra5Hs0XsFyIYsGSmgJJbKkoxMfvXuUI8Lp5eXgHFa-EaQho2vgeWpOMNAlXBJ6I&google_hm=VkVVWVBycldXT3JSMXFfcHFzejc=

Request Chain 378

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEGg3zoqclrDVW4-tXLuBvw&google_cver=1&google_push=AXcoOmTgF3knqCvY6DZzLT3yAdPEAnMeI5e2D4Ya2lJMbE_2T4aLskKwJz_aO8ns7VUOPSRguicpbdzBr_u_mUkdrAxTb7_Z3vpu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmJmZ3RnQUFBLUxNc1dtdw==&google_gid=CAESEEGg3zoqclrDVW4-tXLuBvw&google_cver=1&google_push=AXcoOmTgF3knqCvY6DZzLT3yAdPEAnMeI5e2D4Ya2lJMbE_2T4aLskKwJz_aO8ns7VUOPSRguicpbdzBr_u_mUkdrAxTb7_Z3vpu

Request Chain 379

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHWi9YT3UjGBNbOSCaEhpmA&google_cver=1&google_push=AXcoOmR7GsEDzGDU5BmlU1fh2T61RU2JmLY1JWvZzrvB447ir_YOd3B8KQq8MiyEVbZeuFHIp4kr-anyFG1GuC-a9dGNQppELseQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyOTU3Mzk5NTE2NzQ3OTk2Mw%3D%3D&google_push=AXcoOmR7GsEDzGDU5BmlU1fh2T61RU2JmLY1JWvZzrvB447ir_YOd3B8KQq8MiyEVbZeuFHIp4kr-anyFG1GuC-a9dGNQppELseQ

Request Chain 381

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSKMnr7EKjm7nMkqZW-yiwqKs1N6gf9Tdd9RUuvdUIT2fCJCPov0QCGd7W4bAvpjW0x3NGld5cDKb1DzPX1ax1HFV43Frk6&google_gid=CAESEH91oA-Tb2_Ib8JH8Sup9TI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH91oA-Tb2_Ib8JH8Sup9TI&google_hm=T1BVOGU1MDlmZmIzNGExNDFlMzhmMDA5MDI5ZjFlOGE5OGY&google_nid=opera_norway_as&google_push=AXcoOmSKMnr7EKjm7nMkqZW-yiwqKs1N6gf9Tdd9RUuvdUIT2fCJCPov0QCGd7W4bAvpjW0x3NGld5cDKb1DzPX1ax1HFV43Frk6

Request Chain 382

https://an.yandex.ru/mapuid/google/CAESEMy2DN2cOG8K8ClYonY6xt4?ext-param=AXcoOmTzWCH4DFDYUJSn7hRIE4mF4upB8nwEmhVZGub832rM4YqTrV2abcJPsxH6oZyR-i_TeWCTc1fS0vqNPG5uZV0CyuC7p-rwOQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEMy2DN2cOG8K8ClYonY6xt4?redir-setuniq=1&ext-param=AXcoOmTzWCH4DFDYUJSn7hRIE4mF4upB8nwEmhVZGub832rM4YqTrV2abcJPsxH6oZyR-i_TeWCTc1fS0vqNPG5uZV0CyuC7p-rwOQ&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEMy2DN2cOG8K8ClYonY6xt4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 383

https://sync.gonet-ads.com/match/google?google_gid=CAESEAubYouhZRCoMmPXgb7V4Go&google_cver=1&google_push=AXcoOmQwW5IemRkVFsWFdhMwmsgmIxDr_t9BneiZwAj_sQKBpFm8Ks7VEX9cK7fp7D7KnR_h2FydyV0iqkV14WnoOkNYeXx6rVMA HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESEAubYouhZRCoMmPXgb7V4Go&google_cver=1&google_push=AXcoOmQwW5IemRkVFsWFdhMwmsgmIxDr_t9BneiZwAj_sQKBpFm8Ks7VEX9cK7fp7D7KnR_h2FydyV0iqkV14WnoOkNYeXx6rVMA&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MmI1YjdmYWMxOTYzMjFhMg&google_push=AXcoOmQwW5IemRkVFsWFdhMwmsgmIxDr_t9BneiZwAj_sQKBpFm8Ks7VEX9cK7fp7D7KnR_h2FydyV0iqkV14WnoOkNYeXx6rVMA HTTP 302
https://sync.gonet-ads.com/match/google

Request Chain 384

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEKxHoh2i4KsuTTwdEq064nk&google_cver=1&google_push=AXcoOmQHvrslZbbRImnmXbrbxLKcjJcF83ndR2UVutc8njO8GQMgNXn__4b8hCPw4GapqmecnXzBelZ58DntXqVgg3NLx2W3-_Yj HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=394b6b2a-44a1-48f2-9c45-590959337794&google_cver=1&google_gid=CAESEKxHoh2i4KsuTTwdEq064nk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQHvrslZbbRImnmXbrbxLKcjJcF83ndR2UVutc8njO8GQMgNXn__4b8hCPw4GapqmecnXzBelZ58DntXqVgg3NLx2W3-_Yj&gdpr=${GDPR}

Request Chain 386

https://um.simpli.fi/gp_match?google_gid=CAESEKs3MpjcVgEsEMvAFjpdULs&google_cver=1&google_push=AXcoOmSkScd1RPAInjuTl0NHgSs_EFMOHik19cufNfM71zn91I--VxLF6d13CYJ04dhSCNwT1EfFvSBV5L6sMqW26KF7eVe--iEiFA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2757F66D64BD404E95FBDCC9EE15289C&google_push=AXcoOmSkScd1RPAInjuTl0NHgSs_EFMOHik19cufNfM71zn91I--VxLF6d13CYJ04dhSCNwT1EfFvSBV5L6sMqW26KF7eVe--iEiFA

Request Chain 388

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAgYAobHE47Qp8xxjcBDK40&google_cver=1&google_push=AXcoOmS9yh3tnyAooLwEqOKMePecji2fDmdGeD3W1i8bJnbLCIZ1NfwdXYAjmZbe1jUrfKRo0mI0JYVD6awT-Eaea5sDCaArBcl35w HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAgYAobHE47Qp8xxjcBDK40&google_cver=1&google_push=AXcoOmS9yh3tnyAooLwEqOKMePecji2fDmdGeD3W1i8bJnbLCIZ1NfwdXYAjmZbe1jUrfKRo0mI0JYVD6awT-Eaea5sDCaArBcl35w&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS9yh3tnyAooLwEqOKMePecji2fDmdGeD3W1i8bJnbLCIZ1NfwdXYAjmZbe1jUrfKRo0mI0JYVD6awT-Eaea5sDCaArBcl35w&google_hm=IEs6AGZHJR9zH3tRS1-N-Glb

Request Chain 390

https://ads.yieldmo.com/exptsync?google_gid=CAESEPEaxheVv5Nx7oR_CXnGoF4&google_cver=1&google_push=AXcoOmRkLoqNBMxa6cIK6SrgHMwOZd2tWbPh7Q5Bt5QssvBxhpuafJUF7uUEkjcCXER3eLW-7QLF4jP81j-7HalUnQ3130K50TErNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRkLoqNBMxa6cIK6SrgHMwOZd2tWbPh7Q5Bt5QssvBxhpuafJUF7uUEkjcCXER3eLW-7QLF4jP81j-7HalUnQ3130K50TErNQ&google_hm=VkVVWVBycldXT3I1SnB3VE81dzU=

Request Chain 392

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEADY3j6odncTPNJs-_SLgAw&google_cver=1&google_push=AXcoOmS62_DRCe0NgLUtpc0gZYzTCe1K0_PkVdC95I6ErlNOLhCJRr_PM0D2wsKLmACi37-20JA0W9bLZqvDYtpsuxuyNGGjku7dahk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS62_DRCe0NgLUtpc0gZYzTCe1K0_PkVdC95I6ErlNOLhCJRr_PM0D2wsKLmACi37-20JA0W9bLZqvDYtpsuxuyNGGjku7dahk HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 448

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZbfgtSybyfxkNErkAKZKfwAA%265153

Request Chain 467

https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=IEs6AGZHJR9zH3tRS1-N-Glb

Request Chain 469

https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=1633749901915640753

Request Chain 475

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D6f36ee19082ae311fe188bedefaa0549%26dspid%3Dopenx HTTP 302
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=345f8f43-7275-46bf-8246-88e0a56a9dba&vid=6f36ee19082ae311fe188bedefaa0549&dspid=openx

Request Chain 477

https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3D6f36ee19082ae311fe188bedefaa0549%26dspid%3Dadf HTTP 303
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=1633749901915640753&vid=6f36ee19082ae311fe188bedefaa0549&dspid=adf

476 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cpf-generator Show response
randomgenerate.io/ 23 KB
7 KB 1402ms
305ms Document
text/html 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/cpf-generator
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 60c991681541f04d41c9608f36637f173044a86beb61f0b0890412f3ef9a5bce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84d333f2b8969004-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 17:30:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vD%2FzP3yEmGJAuW8YvSkndc%2FnQzSCJ9QTtZVoy%2B93Mytql2oCpZ1zDtORyBWAhEnWkv9y%2BINKDDPCn0Ogtfgho9OvAc6hDBrhfIsYHSEPKdBi%2Fwmz7yElUr5DdXplQEiKFCEltWkobIjW2rhoS77sxw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Next.js

GET
H2 200 2a20b457172df2d5.css
randomgenerate.io/_next/static/css/ 35 KB
10 KB 52ms
51ms Stylesheet
text/css 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/css/2a20b457172df2d5.css
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cpf-generator
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 526a854fa681b1786026277e309c20a6615b6a5871b8bd5b917a504187e6edaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3490315
cf-polished: origSize=35514
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Dec 2023 07:56:04 GMT
server: cloudflare
etag: W/"8aba-18c86397f27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jk4FECaKQ6l4vwgzv9vNW5rZnuAj25ai%2FKaDdNktrm4vbM9EZY6fz12JV889NV0ygC455db%2FOTiOqeh94DjQ09jM9AyvnmbIc%2BktLBvNpigJ2VXa%2FHT3wroTVaZqgNt99kDQSX25b76SE5wWjJ91%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333f4aa699004-FRA

GET
H2 200 rocket-loader.min.js Show response
randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 43ms
43ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: randomgenerate.io
URL: https://randomgenerate.io/cpf-generator

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Jan 2024 10:32:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b38a27-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45g0H0ENGYBM38vTzBgwXGoKej8UbSvPcJKLW8gJYifm1ZNJeevG7fiALuQOEe6SHNhAo1c%2Bro80Lu3K384S31%2BAOV0vV8gcbNlwL0dvxzgdmDw4aKqVLPlswirdCYV%2BmdkFKSerStburLPaxUU%2Blw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 84d333f4aa719004-FRA
expires: Wed, 31 Jan 2024 17:30:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 199ms
50ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300&family=Lexend+Deca:wght@300&family=Mulish&family=Poppins:wght@300;400;700&family=Roboto:wght@300;400&display=swap

Requested by

Host: randomgenerate.io
URL: https://randomgenerate.io/_next/static/css/2a20b457172df2d5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5e8b2383a8418b0727c4a55338444beac0065366da2071d8afa4866535ba911e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 17:30:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 17:30:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 17:30:25 GMT

GET _ssgManifest.js
randomgenerate.io/_next/static/hZvoK-ZlOT6-OqFLVEFYD/ 0
0

GET _buildManifest.js
randomgenerate.io/_next/static/hZvoK-ZlOT6-OqFLVEFYD/ 0
0

GET cpf-generator-0d88c187c017f4f4.js
randomgenerate.io/_next/static/chunks/pages/ 0
0

GET 36757-28b54408f0f05e88.js
randomgenerate.io/_next/static/chunks/ 0
0

GET 63031-592c8bb62d9bd528.js
randomgenerate.io/_next/static/chunks/ 0
0

GET 39238-bdd827d22231716b.js
randomgenerate.io/_next/static/chunks/ 0
0

GET 25675-4b3099c5fc33bd05.js
randomgenerate.io/_next/static/chunks/ 0
0

GET 44949-72e08cdddb0481f9.js
randomgenerate.io/_next/static/chunks/ 0
0

GET 78e521c3-a40615a36edde8d1.js
randomgenerate.io/_next/static/chunks/ 0
0

GET 95b64a6e-a892c0b358659f0f.js
randomgenerate.io/_next/static/chunks/ 0
0

GET d7eeaac4-c77e27e3992fe68c.js
randomgenerate.io/_next/static/chunks/ 0
0

GET 1bfc9850-9a620636a28b3ce8.js
randomgenerate.io/_next/static/chunks/ 0
0

GET _app-a7008f0e5600abbb.js
randomgenerate.io/_next/static/chunks/pages/ 0
0

GET main-97f94a1dfa5c345e.js
randomgenerate.io/_next/static/chunks/ 0
0

GET framework-75746eeb80cbf23f.js
randomgenerate.io/_next/static/chunks/ 0
0

GET webpack-40e523e17749d299.js
randomgenerate.io/_next/static/chunks/ 0
0

GET 6380
stpd.cloud/saas/ 0
0

GET gpt.js
securepubads.g.doubleclick.net/tag/js/ 0
0

GET
H2 200 inview.min.js Show response
stpd.cloud/assets/libraries/ 5 KB
3 KB 194ms
111ms Script
application/javascript 2606:4700::6812:1e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stpd.cloud/assets/libraries/inview.min.js

Requested by

Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:25 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"23df7c2f5fe3a534a7299c9c9e923fa9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uvS%2FV3M3L3tK5WYz%2FtY7cYV6SRff3DpDsaefBa%2FQUUTghyRTrQn3nhEJmIeU4RYjYGVEqIaA5U%2Be4nGJrdv5IFaZfZ6lJXmup74AIT2SnKL%2Fqt3TIG4uzRBeexAnsaHlagzDkx4xSPJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 84d333f6c8c51e1c-FRA
expires: Mon, 29 Jan 2024 17:50:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 175 KB
63 KB 143ms
56ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWMKQ3B

Requested by

Host: randomgenerate.io
URL: https://randomgenerate.io/cpf-generator

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f3f997a471f1baf7bc1074ae8f7c445e58cf715331b51d97ff9a5e2c1184e684

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64189
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 17:09:52 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 Jan 2024 17:30:25 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
30 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0da8e6e615e8d4f4d172b990745da8fe03ce0ef7d103c87c7891acfd78e00827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29717
x-xss-protection: 0
server: cafe
etag: 121 / 19751 / 31080678 / config-hash: 10961985379633005465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:25 GMT

GET
H2 200 6380 Show response
stpd.cloud/saas/ 453 KB
130 KB 216ms
216ms Script
text/javascript 2606:4700::6812:1e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/saas/6380
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8beadd142e033caff0db03a1526435f7076f607fe31d53640466d2518acd9d8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: s-maxage=300
cf-ray: 84d333f789fe1e1c-FRA
stpdhash: true

GET
H3 200 webpack-40e523e17749d299.js Show response
randomgenerate.io/_next/static/chunks/ 6 KB
3 KB 58ms
57ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/webpack-40e523e17749d299.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d0ca7707e3c55156f55421f65ef48dade2a627c2cb6abc2113ea0dcc8ec6a97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:25 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 24 Dec 2023 06:37:01 GMT
server: cloudflare
age: 3149135
etag: W/"1967-18c9a8a8f82"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PodPKB%2Bx2ELiVHYJnvCwVBrm0IbIlICw7q3DNqtm4VrQ7SNptn8VtYhiDzxzL9JXQiaiU3DK3XC%2BiBm4ZQnTMZ2mKw61TOjLgrigtzPztKgLS4lEueVB55iE9EqGw95wryIM1OcOFgGz%2FCerDDaWVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333f78cdf6f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
92 KB 56ms
56ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KR2GVJ0ZGV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWMKQ3B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

faeb77eb7851523bca5970f2a56843d8ad7e2b0baf2f2c7046269575a717075d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94525
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 Jan 2024 17:30:25 GMT

GET
H2 200 iflphru7g2 Show response
www.clarity.ms/tag/ 668 B
1 KB 314ms
197ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/iflphru7g2?ref=gtm2
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cpf-generator
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: aa1dbb1443c4587fa41937182c168b9ee9ac1e13e6345400fb592b63d530ffee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: -1
date: Mon, 29 Jan 2024 17:30:26 GMT
x-azure-ref: 20240129T173026Z-x8rwhu69xd7er5hhbaaq42c8gn0000000at000000000rtth
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 668
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 framework-75746eeb80cbf23f.js Show response
randomgenerate.io/_next/static/chunks/ 137 KB
45 KB 61ms
61ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/framework-75746eeb80cbf23f.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdd2706e2d273f5f9ee7b983229da952507d56764a5bb9c8402d93a9ddd5425f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5086922
cf-polished: origSize=141076
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
etag: W/"22714-18c26d7c61b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4CrvhhT%2F0woA3k8m%2BPtzBRlTYTA%2B%2F1qC%2FaxuJOH0YlbuRAb9MWoxJuFzkQsVE7Hatk%2BIH163LN6SdUT5Rh5VbCNkfasDe0ZPzqmqV4t5%2FygUcXEEAtLtOxy5e2N6euVydUZI6Ybrzc%2BYOAuncc5Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333f82e126f02-CDG

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/ 431 KB
135 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56ab6b29646315f6b094297b45752ae23fe18430c8eb531edaa6297d917eb5f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:20:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 612
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138344
x-xss-protection: 0
server: cafe
etag: 11931332024773231753
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 28 Jan 2025 17:20:13 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 134ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KR2GVJ0ZGV&gtm=45je41o0v9115478624z89115469226&_p=1706549425636&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1132696889.1706549426&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1706549425&sct=1&seg=0&dl=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&dt=%F0%9F%87%A7%F0%9F%87%B7%20CPF%20Generator&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2042
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KR2GVJ0ZGV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 main-97f94a1dfa5c345e.js Show response
randomgenerate.io/_next/static/chunks/ 101 KB
32 KB 66ms
66ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/main-97f94a1dfa5c345e.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8c9a098f2a6b0ccc7f207f4cabd1c8bee52ab7a369f70f1c93b91b11d7a2bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
age: 5086923
etag: W/"19557-18c26d7c5b3"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7vlRCqsIqZ8h0MLwHKGXc7r4mjYy3SNIuBvWYYTy%2FB65Y1jXFcicEj4zRdbLZRDHjMFH57uRAf897F3PAUcAuUEubJ5tV9NupMbsGkjacIzu6oMe8hoWY8NxLy%2BkUzYyScCHj%2F85T3zwzfU8OoSBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333f91fcb6f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 189ms
41ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 18:20:42 GMT
content-encoding: gzip
age: 2070584
x-guploader-uploadid: ABPtcPrGkX9WdEfraM_2GOgvO4XFku4h6LV8hSZGRCBWDldVHkLv6s4LjI-J4Ekw5y2K4Y2B5aE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 04 Jan 2025 18:20:42 GMT

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 184ms
40ms Script
application/javascript 2600:9000:223c:2400:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:2400:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:24:23 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: FRA56-P2
age: 364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 01VmLoLyq2nTVFDgemrTE8VwjomRxsTQ8glsgwJh54_ZhoMLJq7rqw==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 114 KB
28 KB 203ms
56ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: EZV6NW1WM6XWNDV3
age: 2871
etag: W/"3732dd6fc229ed015d7d7eddf157953f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 84d333fa3860bc04-FRA
x-amz-id-2: hs7GhfxdK9LKmx/nVoza14Arg8e7uJPpJfYoaDypHkfYO8aT+LtOSBMY5fIRKmPxTFDnmQ3qaoE=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 205ms
58ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 33108
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230088-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snVbnlgRXu85t%2FADrlLkkTgb8zj7MfjSEOXVGirDzW2jYN1Fdvpl1g2VTQ3r%2B5f78%2FFt4MI1XRrY5nYs2BmCxx5hcLBeOAorEdns28g7oaHyybpxyw%2BUWGGdnB2zHDu1dWxgSkWLUM269%2Bk0xaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84d333fa38d33a91-FRA

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 213ms
66ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: ea43671695ef7291449453f5984795c8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 227ms
81ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 18 Jan 2024 07:12:05 GMT
server: nginx
etag: W/"65a8cf45-a585"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 30 Jan 2024 17:30:26 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 185ms
39ms Script
text/javascript 2600:9000:2250:ac00:a:e047:753:eb41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:a:e047:753:eb41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Mon, 29 Jan 2024 08:34:42 GMT
Via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 38187
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: R_IT7QkNW-k0Zw0M-lxmFYd1cevj-ytrotBnUG6nV78G91DruqwtJw==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 189ms
43ms Script
text/javascript 18.239.18.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-118.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 03:56:19 GMT
content-encoding: gzip
via: 1.1 215e4a16b9afcb599baed4231992f516.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 48848
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: zk3I3Cbwx1Fy7V9SN4_3W0JPLquTtqNshpS1HqKeh_OENn4huYkw_A==

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 17 KB
6 KB 157ms
38ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86036cbe1dd82dc84489e713501e2fb7e5e18d2f41b3668006f5657e3deb512a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 23 Jan 2024 20:10:49 GMT
server: cloudflare
age: 428179
etag: W/"65b01d49-42c8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 84d333fa281c452e-TXL
expires: Thu, 01 Feb 2024 17:30:26 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 155ms
46ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frandomgenerate.io%2F&domain=randomgenerate.io&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://randomgenerate.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 29 Jan 2024 17:30:25 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 216637
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 op.js Show response
tagan.adlightning.com/setupad/ 16 KB
7 KB 140ms
40ms Script
application/javascript 18.65.39.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/op.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-47.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c09e3f0651b3d2ee704a39e6487d3974b5d622b1dfe7d84a51c9e0761ec88b81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:28:05 GMT
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-version-id: JjhfADeUApcL6Er5jwQP6QAf.3UWqXe2
x-amz-cf-pop: AMS1-P1
age: 142
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6997
x-amz-meta-git_commit: 935e2f1
last-modified: Mon, 29 Jan 2024 15:22:12 GMT
server: AmazonS3
etag: "31ee50a0f89e8484ff624944b00d9615"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: VGhVXwpsiOQFPo6HwfH0w2bEjBotYnWTIxVYmyVKNO8lsTs8aI5MnQ==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 283 KB
71 KB 136ms
44ms Script
application/javascript 18.239.70.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.70.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-70-203.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21e2cc1be6bb33e75287ef99dd7ba094e114326e221a1550b9f9e21de7a1b51c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:14:18 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 2837e32f921e7e7517dd6f5461c37dfa.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 20:58:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, AMS58-P4
age: 969
x-amz-server-side-encryption: AES256
etag: W/"bfb1a1567d75287f0c63152bfd796b6d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: J_LYdWM35pwZssJLhClbIGe8iFIzh3CCSQiQTn89aP95Jm0_8OYv3g==

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
418 B 154ms
44ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/6380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://randomgenerate.io
date: Mon, 29 Jan 2024 17:30:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
375 B 141ms
51ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frandomgenerate.io%2F&domain=randomgenerate.io&cw=1&lsw=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/6380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 218431
expires: 0

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 158ms
50ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240129

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/6380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36fa8d97cdd27e5be2ad846f5be25ba894ee6db0fa77fe243f0394c5b1c0fcd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5377
x-jsd-version: 1.0.1950
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21936-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"642-AgfJ3MBHSbc+ijobCJyC3ScH+50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRUXzfpi7IPV11IC%2BLOGlZyFtcA9vxjTrCoibJj8T5nOD08dnvdfzPTar%2BT9E4ZvJWl7lvGc6IP5r%2FiEmjq3k1V8KZ0KqaYyenfmrkNXdA2lmzf%2BkRHLzCK8j8Y78pLC46dU5Ts91vw%2FuVNy8Go%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 84d333fa3d353605-FRA

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1022 B 134ms
48ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:26 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 123337
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePDeOF0gjhgDYHrnyper5oW2tIovW0g%2BEHKakOVbL9YiJVnvjtgPxp0eS7ifdUncsOSpkMnINzhq1EVZhSUdthlsnKEkV2d%2BKx27TMzPLp%2FNfrkJCK%2F8FZNMtDyXO3IOKH%2BYRu46uDStMH5F"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 84d333fb090c35ff-FRA

GET
H3 200 _app-a7008f0e5600abbb.js Show response
randomgenerate.io/_next/static/chunks/pages/ 2 KB
1 KB 57ms
56ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/pages/_app-a7008f0e5600abbb.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 459524b75299eae939f95180e9c527e137ab65ce188af4a015b84be566c79838

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 09:44:54 GMT
server: cloudflare
age: 4261179
etag: W/"912-18c5843e7bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5jjsPWHLGOJYVr6C4uAPC7CzA6tOwIxjGy7UFoI5Bzwjs3On8UQjBMKVChrDkVb3z9y%2Ft7TPsMg82nG6jM7cYIaKDe1u4w1vAZwaeto7fbfbM0P0UeRzbxfJ04mfa1u1D0Ox6nN%2BbxkkMvUFFSFQ2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333f998aa6f02-CDG
alt-svc: h3=":443"; ma=86400

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ 1 KB
953 B 172ms
74ms XHR
application/json 104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07cdad477512b405d6312da20e766c657d6c23c6e0ac6138e75ec0169dc45288

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8MR5OhPC8ZHqao3ekYTz2O8%2FrKuHcYljPGvRAnxA415%2FtyUNv3OQKvG%2BSYHIl6MRV1vsf5zJTAJUsBf%2Fh7AJc9Rl%2FzB1TeD9O2UPLfnnEtzHvEsvkS%2BnWkbCm0Gw%2BJ0HX94g080Ce5A"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84d333fa8cc29106-FRA
expires: 0

POST auction
prebid-stag.setupad.net/openrtb2/ 0
0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
196 B 169ms
77ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=73494096374&lsavail=1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/6380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://randomgenerate.io
date: Mon, 29 Jan 2024 17:30:25 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
180 B 132ms
40ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://randomgenerate.io
date: Mon, 29 Jan 2024 17:30:26 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
533 B 216ms
115ms XHR
text/plain 37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/6380

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
638 B 133ms
41ms XHR
application/json 35.158.201.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.0&referrer=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&tmax=1200

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/6380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.158.201.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-201-105.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
accept-ch: sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt
x-auction-status: 29, 29, 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
receive-cookie-deprecation: 1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 2 KB
2 KB 234ms
118ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ec0ccf44231411587a9a7619334ddab8070097babe10640eaf9335ae85fac92

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 17:30:26 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://randomgenerate.io
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1983
Expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 552 B
2 KB 217ms
128ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1969856%3B1969856%3B2217892&size_id=2%3B31%3B9&alt_size_ids=55%3B55%2C57%2C78%2C79%2C113%2C152%3B8&rf=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&kw=CPFGenerator%2CCPFrandomizer&tg_i.domain=randomgenerate.io&tg_i.page=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&tk_flint=pbjs_lite_v7.54.0&x_source.tid=d8a47b11-b3c6-4601-8034-7b322f4213aa%3B8cf3e5b0-a9df-47e4-8a63-66e635b554bc%3B1f43d862-9157-41bf-a703-6eec20a009cb&l_pb_bid_id=422b73053bc559%3B43b8176d81be466%3B44cc7c8abe31573&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=d8a47b11-b3c6-4601-8034-7b322f4213aa%3B8cf3e5b0-a9df-47e4-8a63-66e635b554bc%3B1f43d862-9157-41bf-a703-6eec20a009cb&rp_maxbids=1&slots=3&rand=0.40518915914290377
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 361c01b2729bd0a8a349bb916078e087c6b0f6042bd1570f3242e1ce12364190

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
568 B 262ms
157ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://randomgenerate.io
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
568 B 238ms
132ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://randomgenerate.io
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
568 B 295ms
190ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:25 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://randomgenerate.io
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 142ms
47ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://randomgenerate.io
date: Mon, 29 Jan 2024 17:30:26 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
356 B 149ms
52ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://randomgenerate.io
date: Mon, 29 Jan 2024 17:30:25 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
582 B 160ms
74ms XHR
application/json 2606:4700:4400::6812:22b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Mon, 29 Jan 2024 17:30:26 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 6 inventory rules not found for mediatype: banner and adUnitCode: randomgenerate_io_anchor_ad_responsive, Process Floors. 15 inventory rules not found for mediatype: banner and adUnitCode: randomgenerate_io_top_billboard_responsive
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84d333fa8dae1e4a-FRA
expires: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 79ms
79ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/iflphru7g2?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
last-modified: Wed, 24 Jan 2024 14:33:55 GMT
etag: W/"0x8DC1CE97EB406F9"
vary: Accept-Encoding
x-azure-ref: 20240129T173026Z-x8rwhu69xd7er5hhbaaq42c8gn0000000at000000000rtu2
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f75c1a7b-c01e-0082-2c1a-4f6f65000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H3 200 1bfc9850-9a620636a28b3ce8.js Show response
randomgenerate.io/_next/static/chunks/ 5 KB
3 KB 63ms
62ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/1bfc9850-9a620636a28b3ce8.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acf567bf9a4b55bd45ce03b02d8ccdfddc1d3aa9386608e8de427fd30600facc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
age: 5086923
etag: W/"1249-18c26d7c61b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thWukTqXpBillwYgn0KKlarYBeert%2BQz4uWxfAaLy5um8bE3w6A%2FiuNbzsszmNZV9HAf4UfcH9ySV7ZBcB9zSsg0XSD9SPeSraSzMqDVzLCFW9gDAeB0V50bRNuy%2FsUHzQJIY1aWSyNRw%2B%2FOnGE6rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333fa39ba6f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58813/ 2 B
213 B 145ms
43ms XHR
application/json 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://randomgenerate.io
content-type: application/json
access-control-allow-credentials: true

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
277 B 127ms
40ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/6380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

6bc4f4cdd39ae5df0aaf8d4fff1358df84a5ee8bd5cb771d367a9eed192f2525

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://randomgenerate.io
date: Mon, 29 Jan 2024 17:30:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 184ms
54ms XHR
application/json 108.128.140.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.140.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-140-222.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 4f9b4a3d9e22fff0021d51d4e9e49e90b08aaf54b8951680039cc2a5c905a51b

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache
x-server: 10.45.0.238
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&rid=esp&cc=1

85 B
193 B

153ms
153ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&rid=esp&cc=1
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: a70d87a0ce7669f368cc6c8f96e17a20b7b9a3aeef9686659ff5e32498145af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-ufAfPudUn5vCwSogPUzfjt11HGg"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://randomgenerate.io
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 29 Jan 2024 17:30:26 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://randomgenerate.io
location: /esp?url=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
232 B 41ms
41ms XHR
text/plain 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://randomgenerate.io
date: Mon, 29 Jan 2024 17:30:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 d7eeaac4-c77e27e3992fe68c.js Show response
randomgenerate.io/_next/static/chunks/ 3 KB
2 KB 60ms
59ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/d7eeaac4-c77e27e3992fe68c.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e814ab462f97018455d5f9bca9b08b5e164a38773220add82fdcd6d6b0d98ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
age: 5086923
etag: W/"d21-18c26d7c61b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BFmSh2SQucTxd%2Bt1VUErozPFze%2FViEwX6V2dlgX8jwEvX%2BA7jta2%2B6tcNedamgIDPwn%2FgQ9wLSEnzoS3DxK%2BVvKdnHEm2KWgD%2FLaDmS%2FnFwUjW68qQg1wbPh4g9k%2BV6I4kPSSOjf9CtlMkatrrwzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333faaa656f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DF4F 14 KB
6 KB 98ms
49ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=randomgenerate.io

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:25 GMT
server: Kestrel
server-processing-duration-in-ticks: 335400
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 b-935e2f1-22fd8186.js Show response
tagan.adlightning.com/setupad/ 71 KB
28 KB 45ms
44ms Script
application/javascript 18.65.39.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-47.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 14:25:36 GMT
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-version-id: TSM1sCYCFVBYqK8r2.wgiAybDtOWIo_C
x-amz-cf-pop: AMS1-P1
age: 10206291
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27763
x-amz-meta-git_commit: 935e2f1
last-modified: Tue, 03 Oct 2023 14:25:23 GMT
server: AmazonS3
etag: "7164aeb4f3f79e485a778007d9bf2ade"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: u5cKhPPmY_I8kgroJ9yCQoVTEFibdR6wBTylB0j4afCu0xMmk6IEFg==

GET
H2 200 bl-904ac2d-ef0eaa88.js Show response
tagan.adlightning.com/setupad/ 83 KB
35 KB 79ms
78ms Script
application/javascript 18.65.39.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/bl-904ac2d-ef0eaa88.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-47.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 721227e405c71a215ad0281707c7ed0229784fd0d2e140ba275c63af7fe5c9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:28:05 GMT
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-version-id: w_E9DujKBS9QSVix6tjbdP1e7eaZiFKC
x-amz-cf-pop: AMS1-P1
age: 7342
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35543
x-amz-meta-git_commit: 904ac2d
last-modified: Mon, 29 Jan 2024 15:21:47 GMT
server: AmazonS3
etag: "9ee11e8091ca70cb87e7a10ed58a8e08"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0svEPi3C06rmWZJVwLMW0zYKKnXWYVtByFKQ9nSS9ovRb5wePTIMWQ==

GET
H2 200 sync
ssbsync-global.smartadserver.com/api/ 0
45 B 123ms
39ms Image
text/plain 89.149.192.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5Bssb_sync_pid%5D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.76 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-length: 0

GET
H3 200 95b64a6e-a892c0b358659f0f.js Show response
randomgenerate.io/_next/static/chunks/ 883 B
976 B 57ms
57ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/95b64a6e-a892c0b358659f0f.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 464e3c04242d9831b94d589dd466b66b2849a9341bc18e7efb28467878052e2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
age: 5086923
etag: W/"373-18c26d7c61b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnFR5Nf1p40HJZpBCfOnuKo5n6JcZU%2F0qzBjtSY0XqB5W5ScSyRCkjFaI04cLx374mvu2ZGkuFP8%2BBbBIbmMKim9cWbk%2F7GOBmCLpU%2BUdd5CfBm0mvdn%2BDTpF19TLeFU8%2FIM6IHX32cLjs7nqMz4RA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333fb0b026f02-CDG
alt-svc: h3=":443"; ma=86400

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
297 B 377ms
127ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://randomgenerate.io
Date: Mon, 29 Jan 2024 17:30:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H2 200 481.json Show response
id5-sync.com/g/v2/ 251 B
534 B 121ms
41ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/6380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

98fa84e9ad05819f4f2e3b661da39d73387c81131deaff1e335525d385ea1cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://randomgenerate.io
date: Mon, 29 Jan 2024 17:30:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H2

200

sid Show response
mug.criteo.com/ Frame DF4F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=randomgenerate.io&sn=ChromeSyncframe&so=0&topUrl=randomgenerate.io&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=EX94WXxRWUhvOVIwYnVBSWZUanEwajdxSXJjNzVFWlhBcWttNGlPY01sN21YQXJDU0dubGUxZGszc2xpeTdCbmVEVzhSakdxbnk4VnRNZkkvbnJ3MTV1OXVYWXNmckJ6RC9HaTRDSjRXajhqV2RSaTR6cUdvMmxGUTZMUG...

457 B
673 B

47ms
46ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=EX94WXxRWUhvOVIwYnVBSWZUanEwajdxSXJjNzVFWlhBcWttNGlPY01sN21YQXJDU0dubGUxZGszc2xpeTdCbmVEVzhSakdxbnk4VnRNZkkvbnJ3MTV1OXVYWXNmckJ6RC9HaTRDSjRXajhqV2RSaTR6cUdvMmxGUTZMUG5KaU82dGhIMW1IQmVodENJQnlGVzdyUjlVcDRpTjhLMTBPYzNscGx0ZDh5YTFhb2d3U09NWUFPWk4zRHFCWGphelZLRWFvTWZNWkdrRXZmNFdQT2lSaDlxNFpDVEg0RlcveGdxMVQ5UThLZjI5SVkwbmdJdzVGVTJxUHo1dW1VRmo0bGpWZGpDUzFQMktSem5JeXdDKzdjaGVhTE0xNGRwMEJLVHVkS3VpRTNCWG5HRHRMZz18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c059ad0b4849e315985b55fc2f378cf44ce42077ac03e099aa4ae703042e4129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1493167
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=EX94WXxRWUhvOVIwYnVBSWZUanEwajdxSXJjNzVFWlhBcWttNGlPY01sN21YQXJDU0dubGUxZGszc2xpeTdCbmVEVzhSakdxbnk4VnRNZkkvbnJ3MTV1OXVYWXNmckJ6RC9HaTRDSjRXajhqV2RSaTR6cUdvMmxGUTZMUG5KaU82dGhIMW1IQmVodENJQnlGVzdyUjlVcDRpTjhLMTBPYzNscGx0ZDh5YTFhb2d3U09NWUFPWk4zRHFCWGphelZLRWFvTWZNWkdrRXZmNFdQT2lSaDlxNFpDVEg0RlcveGdxMVQ5UThLZjI5SVkwbmdJdzVGVTJxUHo1dW1VRmo0bGpWZGpDUzFQMktSem5JeXdDKzdjaGVhTE0xNGRwMEJLVHVkS3VpRTNCWG5HRHRMZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 296706
content-length: 0
expires: 0

GET
H2

200

sync Show response
eb2.3lift.com/ Frame ECC5
Redirect Chain

https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24...

1 KB
2 KB

41ms
41ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: d7bf53e7d222b3bea17b3c3b3310fb3fd8ed916ec97b9ada77a46458546e07cb

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1343
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 17:30:26 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Mon, 29 Jan 2024 17:30:26 GMT
location: /sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 130ms
49ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:26 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 2403142
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3t7%2Bq8hzIGgZs%2BOuAEWB%2BTsAZgQl14IWVeXGD5fgP5%2BtjHt9%2B7jjMoWIbR2wkLb69gXmPAo6ccipN7MdWAhkwhaIVTX%2FIQeDo8IAVnVOFcSvBnajPsevg%2FYpTSaFGv0iY0XkRwdwSzakqQ7"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 84d333fc4bae3687-FRA

GET
H3 200 78e521c3-a40615a36edde8d1.js Show response
randomgenerate.io/_next/static/chunks/ 1 KB
1 KB 59ms
59ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/78e521c3-a40615a36edde8d1.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59c4650de6e947e8522899af32df9affc43715131bcd1089a65c18d1a8e0203a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
age: 5089054
etag: W/"5c2-18c26d7c61b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqycq93pizKxpHi0b3ypwJS7Og%2FHTs2nuYjX%2F2s%2FSU6NS4Sb97Rr%2BzDI9jHAauXwtI9mwQceJ66n1hxQI4M9qkWkl%2BWwmG4U9oSLNSjr7kCJf9zcBfGDLpK96ESgGIwnul1N8Zlpp27qa1TGC%2Bc56A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333fbdc8f6f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac Show response
config.aps.amazon-adsystem.com/configs/ 564 B
832 B 141ms
38ms Script
application/javascript 18.238.243.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.243.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-243-82.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9dcdd4dff6dab5e556d07cf571e17a19ce4c7dba8a9b657bee0b9e68b6d5b018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 16:40:45 GMT
via: 1.1 650363fa7465273dd14fde086a851a86.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P1
age: 2981
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 564
x-amz-cf-id: vUTgVxbXdxAWFkBE7ygnVB9Fw6D6jN8J4H0bQNJo7V4FEZ8o31uQmA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 4 KB
4 KB 39ms
39ms XHR
application/json 18.239.70.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Frandomgenerate.io&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.70.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-70-203.ams58.r.cloudfront.net
Software: Server /
Resource Hash: 5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 12:19:35 GMT
via: 1.1 2837e32f921e7e7517dd6f5461c37dfa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
age: 18650
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://randomgenerate.io
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3623
x-amz-cf-id: rCIYMvQy5IIPWEoDtAHZGxIIQ-B-DHUDwzHF65cFOL6W2PpDpf_ylQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
359 B 187ms
80ms XHR
text/javascript 3.162.33.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&pid=Szk9fFRth6jdT&cb=0&ws=1600x1200&v=24.117.1925&t=1200&slots=%5B%7B%22sd%22%3A%22randomgenerate_io_anchor_ad_responsive%22%2C%22s%22%3A%5B%221000x100%22%2C%22970x90%22%2C%22728x90%22%2C%22990x90%22%2C%22970x50%22%2C%22960x90%22%2C%22950x90%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F147246189%2C23022552162%2Frandomgenerate.io_1000x100_desktop_anchor%22%7D%2C%7B%22sd%22%3A%22randomgenerate_io_top_billboard_responsive%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%221000x300%22%2C%22980x300%22%2C%22980x200%22%2C%221000x200%22%2C%221000x250%22%2C%221000x150%22%2C%221000x100%22%2C%22970x300%22%2C%22980x240%22%2C%22980x120%22%2C%22970x200%22%2C%22970x120%22%2C%22950x90%22%2C%22728x100%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C23022552162%2Frandomgenerate.io_1000x300_desktop_top_billboard%22%7D%2C%7B%22sd%22%3A%22randomgenerate_io_sidebar_left_desktop%22%2C%22s%22%3A%5B%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F147246189%2C23022552162%2Frandomgenerate.io_160x600_desktop_side_left%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.33.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-33-31.cdg52.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
via: 1.1 670b7fc2dd3052d71cc169230b289e08.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG52-P6
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://randomgenerate.io
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: tv0LY972kLQXjI8VcnLkT-mF0DG_vP02uepwEXCKOhImN7yXjnvvzA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 117ms
40ms XHR
application/javascript 18.239.70.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.70.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-70-203.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 d1b1cc661d55a3f8a88f240826e4f38c.cloudfront.net (CloudFront)
date: Mon, 29 Jan 2024 04:27:00 GMT
x-amz-cf-pop: AMS58-P4
age: 47007
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: bxyDBlvboONBuGcHeAntt7vxaaOrePLbnqCr74rls10NF1D-NjU6uQ==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 147ms
41ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Mon, 29 Jan 2024 17:45:26 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 39 KB
12 KB 42ms
42ms Script
text/javascript 18.239.18.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.18.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-18-118.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 02:12:54 GMT
content-encoding: gzip
via: 1.1 215e4a16b9afcb599baed4231992f516.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:42 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P6
age: 55053
x-amz-server-side-encryption: AES256
etag: W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: rhn8eIlUw5Glc3WCJMXwDH6uFFW3q9dw2lijr0Mnfo58-dkutOYByA==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 135ms
51ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&ref=&_it=amazon&partner_id=533
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cpf-generator
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 29 Nov 2023 15:31:45 GMT
server: cloudflare
x-amz-request-id: 01CC8G5F16RM7B26
age: 1251
etag: W/"13043c1bbaf21ccc6e8ed474a744d3f2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 84d333fca909bb5c-FRA
x-amz-id-2: HXRUR8HjAo6USwQLdtHY+PYQf8tGuqDCh/+7XnINsX6lV9HyCEeo0/fdHmm/D8O2xprGCoT8y84=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 113 KB
28 KB 52ms
51ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 08 Jan 2024 11:20:59 GMT
server: cloudflare
x-amz-request-id: TGD0Y06NTBJBX7GF
age: 2007
etag: W/"9692928e9024f20ea54c02122b35d5bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 84d333fc1acbbc04-FRA
x-amz-id-2: HcEa1aU09/LP87y9rRXIcsgKRW7o1mbK+zyswWxkpSUahJF4Pl+cAUJwUz0tNuIDPedCTP6IIwpWkl1ATQ5XuA==

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 184ms
79ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Mon, 29 Jan 2024 17:45:26 GMT

GET
H3 200 44949-72e08cdddb0481f9.js Show response
randomgenerate.io/_next/static/chunks/ 7 KB
3 KB 56ms
56ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/44949-72e08cdddb0481f9.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f193e41804e194b43fbe428bb6cc8af9e8429a2648000e27283c6b68d0b8d3ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
age: 5086923
etag: W/"1a67-18c26d7c623"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIT2G5AxcWijo6z7JFE6aL9xXBLfK5serSUsmzx4vrfQg%2BrTXO6RyQYW9kqXGC4%2BAt6maBojrNvJmnxjPiQHVIKw0Af0xFC7PVpRAGPcXlHM5Ejox6mwY8sfdAQDH4Xx7UJUh6a6nQGfpWG1vDSRqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333fc3d486f02-CDG
alt-svc: h3=":443"; ma=86400

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
335 B 55ms
55ms XHR
application/json 108.128.140.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.140.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-140-222.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e5bf94335744f14018f8d35860cdf446c541d3b0ef6fa4c65f0c8416b00a668c

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache
x-server: 10.45.29.222
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 25675-4b3099c5fc33bd05.js Show response
randomgenerate.io/_next/static/chunks/ 8 KB
4 KB 61ms
61ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/25675-4b3099c5fc33bd05.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 185bc340c89827c8c38564425751d73ada406cf960a7785c54bbe818f30fe924

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
age: 5089054
etag: W/"2079-18c26d7c623"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25%2BKAbemWi1EA7dCGRqzFrpwTWEapW4tu%2BKCmefbt%2BdpaMfVQBRSxrtBLFJiMMvoBff2ePGURuSLaBmiZaUdG33cCPtvwazaOq3drhEBPDuUwrPErrLnt5tmSlnaIWau6uOd3WUTG%2BXkM2extY2UJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333fc9de86f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame ECC5 70 B
149 B 285ms
57ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

ebda
eb2.3lift.com/ Frame ECC5
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYzNTM5NjE4MTUzNzQzNzY1Njg1NA%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYzNTM5NjE4MTUzNzQzNzY1Njg1NA%3D%3D&google_tc=
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

42ms
42ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame ECC5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECJEhItx01wSGaIF46yhDAM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
355 B

43ms
43ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECJEhItx01wSGaIF46yhDAM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 29 Jan 2024 17:30:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECJEhItx01wSGaIF46yhDAM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame ECC5
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYzNTM5NjE4MTUzNzQzNzY1Njg1NA%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYzNTM5NjE4MTUzNzQzNzY1Njg1NA%3D%3D&google_tc=

170 B
243 B

49ms
49ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYzNTM5NjE4MTUzNzQzNzY1Njg1NA%3D%3D&google_tc=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDYzNTM5NjE4MTUzNzQzNzY1Njg1NA%3D%3D&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 setuid
px.ads.linkedin.com/ Frame ECC5 0
649 B 323ms
235ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4635396181537437656854&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2720B37000974343A73F009036FAC0FC Ref B: DUS30EDGE0711 Ref C: 2024-01-29T17:30:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQGQBhjVr8g2BU9nxjTQ==

GET
H2 200 4635396181537437656854
pr-bh.ybp.yahoo.com/sync/triplelift/ Frame ECC5 43 B
426 B 170ms
60ms Image
image/gif 2a05:d018:d29:3601:5088:283f:2202:9e4b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/triplelift/4635396181537437656854?gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:5088:283f:2202:9e4b Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1

200
OK

sync
x.bidswitch.net/ Frame ECC5
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=4635396181537437656854&gdpr=0&gdpr_consent=${GDPR_CONSENT}
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=4635396181537437656854&gdpr=0&gdpr_consent=${GDPR_CONSENT}
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&bsw_user_id=${BSW_USER_UD}&bsw_param=7962955e-529f-421e-ba29-aa08cdd7ca99&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=7962955e-529f-421e-ba29-aa08cdd7ca99

43 B
235 B

45ms
44ms

Image
image/gif

35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=7962955e-529f-421e-ba29-aa08cdd7ca99
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: HTTP/1.1
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=triplelift&bsw_param=7962955e-529f-421e-ba29-aa08cdd7ca99
date: Mon, 29 Jan 2024 17:30:27 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

400

xuid
eb2.3lift.com/ Frame ECC5
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
https://eb2.3lift.com/xuid?mid=2711&xuid=eccc3cb4-1ddc-4820-a8dd-231964338a64&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}

0
37 B

41ms
41ms

Image
text/plain

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=eccc3cb4-1ddc-4820-a8dd-231964338a64&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-length: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://eb2.3lift.com/xuid?mid=2711&xuid=eccc3cb4-1ddc-4820-a8dd-231964338a64&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 774947
content-length: 0
expires: Mon, 29 Jan 2024 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame ECC5
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=3335&xuid=8889471911930454369&dongle=4d58&gdpr=0&gdpr_consent=

37 B
355 B

42ms
42ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=8889471911930454369&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 29 Jan 2024 17:30:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
an-x-request-uuid: 1ed096e3-7395-4150-8f30-890a6940c609
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://eb2.3lift.com/xuid?mid=3335&xuid=8889471911930454369&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin: 80.255.7.103; 80.255.7.103; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/prebid/ Frame ECC5 43 B
1 KB 152ms
58ms Image
image/gif 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=4635396181537437656854

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
an-x-request-uuid: 6b2673eb-a614-4eb7-92c8-ebcd5f518656
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.103; 80.255.7.103; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 39238-bdd827d22231716b.js Show response
randomgenerate.io/_next/static/chunks/ 6 KB
2 KB 311ms
310ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/39238-bdd827d22231716b.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a232ca84ac4ce1044e5ec804c601aca3b635d9d602cd5cbfabc7618ae2e2b16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 23 Dec 2023 14:10:37 GMT
server: cloudflare
age: 3207900
etag: W/"19fe-18c97037ea1"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzF2C500WYrevBHXJSRty%2BLI39v%2BZd5%2BrObdmapgDbGhsmre0ynEcm3QvZLqVLkF5XeQizJ4RaEcPJuo%2BwRdl2Hv6idIZ5kcJNcSB2hllH6W%2FN12CcIN2ywlOGdgpttCJp4YJa3X6irlV8v%2F7PscRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333fcfe916f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 102 B
313 B 137ms
137ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=randomgenerate.io&url=https://randomgenerate.io/cpf-generator
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&ref=&_it=amazon&partner_id=533
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daa6fc92564a05e3d9996483b768e367bc62192f373cee8d3b7df8a4fbc6af18

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 84d333fe5e1191f9-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 219ms
137ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=533&sync=0&domain=randomgenerate.io&url=https://randomgenerate.io/cpf-generator
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://randomgenerate.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 84d333fd8d6191f9-FRA
content-length: 0
content-type: application/json
date: Mon, 29 Jan 2024 17:30:26 GMT
debug: OPTIONS block
expires: Tue, 28 Jan 2025 17:30:26 GMT
server: cloudflare

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 84BB 199 B
298 B 152ms
50ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Mon, 29 Jan 2024 17:30:26 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 39ms
39ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Mon, 29 Jan 2024 17:45:26 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
464 B 126ms
42ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
server: nginx
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary: Origin
content-type: application/json
access-control-allow-origin: https://randomgenerate.io
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Mon, 29 Jan 2024 18:00:26 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 229 KB
66 KB 40ms
39ms Script
application/javascript 184.30.211.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-211-26.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: gzip
last-modified: Mon, 23 Oct 2023 16:23:46 GMT
server: Apache
etag: "394d0-60864a57eaadc-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 67550
expires: Mon, 29 Jan 2024 17:45:26 GMT

GET
H3 200 63031-592c8bb62d9bd528.js Show response
randomgenerate.io/_next/static/chunks/ 138 KB
21 KB 61ms
61ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/63031-592c8bb62d9bd528.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4da1b91b35d44d991c5079b5ae0c8493c73838e56c85b6a607ef29ea472d8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 26 Jan 2024 13:49:18 GMT
server: cloudflare
age: 271425
etag: W/"22686-18d46082fd3"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJG5wo9CTeFdVqArXS2lCq%2BB9xTPbHBdPnQ35MjBDdJ%2BdwdgA2wmUalUgJj3vG9L9YPz%2Fx60ksyhjkLb0D7T5V0274qk%2FjOdIHvYzibcAcNoStOGVcJbEjoEDMtsUPDUzFIHdMAq5OsMX3kAci3eyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333fee9f36f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 533 Show response
a.ad.gt/api/v1/u/matches/ 12 KB
4 KB 137ms
55ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/533?_it=amazon
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60a926d0321573e81faf19a79c14db773c4cd81d4748dfde763f7fdd89875c93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jan 2024 17:26:39 GMT
server: cloudflare
age: 228
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 84d333ffbc081cb7-FRA

GET
H3 200 36757-28b54408f0f05e88.js Show response
randomgenerate.io/_next/static/chunks/ 137 KB
18 KB 77ms
76ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/36757-28b54408f0f05e88.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 561fb605fba42be568be9edbfadde9517e680b92495dc1e9b1e17b012c560573

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 04 Jan 2024 10:24:13 GMT
server: cloudflare
age: 2185304
etag: W/"225e4-18cd400864e"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGUsfKmQUDSVulMuO9NV0Jm2PWNzVI%2F4sGJgrqVEhuvBxMH8PEIZR93Lfw6BIqVDNtWqHs7lshXU0KanIN%2FefzjKdJC3sqJ4LVccALhSpkjDp8pe8nT6JpYF56nvdtRWQ4kFamAfX3XQOG8g7FgeVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333ff5af76f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/ 0
239 B 171ms
42ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/sync.php?p=prebid
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 cpf-generator-0d88c187c017f4f4.js Show response
randomgenerate.io/_next/static/chunks/pages/ 12 KB
4 KB 60ms
59ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/pages/cpf-generator-0d88c187c017f4f4.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c36cd760a640411a2be21643a1cb1632c8adb3a61787fed3221f80f501d1ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 28 Jan 2024 12:38:47 GMT
server: cloudflare
age: 2
etag: W/"3026-18d501459ac"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvf9Y%2B7AE0%2FEMmj8J%2BU9n76zyFVjtZD54ufuFBlwjNXuLCy2aJO4FN0Olf3t9BT3URIc4UsFqXY%2FxCY67qEe9BMJp3XTCADBCl7rmSbeCGAdUj6dlr30fuPAGH9QX1sWfelZ4fQI8YIiqy7Y8TvbWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d333ffdbda6f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 _buildManifest.js Show response
randomgenerate.io/_next/static/hZvoK-ZlOT6-OqFLVEFYD/ 89 KB
17 KB 60ms
60ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/hZvoK-ZlOT6-OqFLVEFYD/_buildManifest.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbbf833bb62a63c7d9bddf038c17a77acd6bcadc2397eb37ddf7eff0f96eb1e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 28 Jan 2024 12:38:47 GMT
server: cloudflare
age: 103019
etag: W/"163cc-18d50145984"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6MADUO8TJgjoh30Viv2iwfmXyOB4RThW7N6G%2BfWznzWa4G0CkfKk2sapvynK6WUlUy3g3e1G%2BIQWOpSrWmbAqr3VksnrUJvo2CFEbk2Nbl6Mu7P1ElJroH8ddW1cCok31fd5X2RoIwl6Ksw0p4c6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d334004ca46f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 image
randomgenerate.io/_next/ 16 KB
16 KB 242ms
242ms Image
image/webp 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://randomgenerate.io/_next/image?url=%2Fimages%2Fdo-i-like-him-quiz.jpg&w=1920&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0195b195fe0fd11ed11974c779e5c0744b575b678dd6b432f408697671396a9a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: AZWxlf4P0R7RGXTHeeXAdEtXW2eN1rQy9AhpdnE5apo=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYUdpyJQJHukJt%2BBcxiwb4lPwquFQxq9O48TVV9eOxzQLbvK5LIjLueSeAQQCOf%2FDFgyt%2BLJoAyRyofPGdKiypmnqPIdJbV7L%2FSDvs9fwCJeKRMgQSsLq5GIYkOjLqA2jbYz4ufkrGlJQqIAKa%2Fpkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-nextjs-cache: STALE
cache-control: public, max-age=60, must-revalidate
content-disposition: inline; filename="do-i-like-him-quiz.webp"
cf-ray: 84d334006cd16f02-CDG
alt-svc: h3=":443"; ma=86400
content-length: 15994

GET
H3 200 image
randomgenerate.io/_next/ 11 KB
12 KB 414ms
414ms Image
image/webp 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://randomgenerate.io/_next/image?url=%2Fimages%2Fdo-i-like-her-quiz.jpg&w=1920&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb35f127d3076d6f73de261683e99a846c3880d35b739e033a1695a086fb932a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: uzXxJ9MHbW9z3iYWg+mahGw4gNNbc54DOhaVoIb7kyo=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7q0sv4uvxeIeVO%2FxXA8kamZ57owGoyPNOnaSVEFVq%2FWmS40J2Rzr7pM%2FrZBf%2Fk%2Fx7FpgtLMnIVyZJs1aXMtwDMFzxol6nN8RKIUGon83vNCO22QreHsTlu3I1sxAMkrWNmn3av4%2FbLPDxyy3KFcRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-nextjs-cache: STALE
cache-control: public, max-age=60, must-revalidate
content-disposition: inline; filename="do-i-like-her-quiz.webp"
cf-ray: 84d334006cd66f02-CDG
alt-svc: h3=":443"; ma=86400
content-length: 11232

GET
H3 200 image
randomgenerate.io/_next/ 24 KB
25 KB 413ms
413ms Image
image/webp 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://randomgenerate.io/_next/image?url=%2Fimages%2Fmental-age-test.jpg&w=1920&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

749f5210d6f2b201d06e60caa18f62e1eb3f8f9443fa51b5dfc5ee9178704241

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: dJ9SENbysgHQbmDKoY9i4es-j5RD+lG138XukXhwQkE=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WX7gOyjJDsLfjKmButb5nx3WawTfTd1LfnLMe0OzevZV0IdFi7qAbQ67gselmGUjRMpJUud1OjJQcW1mXFe11G2Q6sQ0W9%2B267VHdSBdhOXTvrktgiM94Kjq1QLeiBvFo0Lda6dLcd341BojZ%2BklJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-nextjs-cache: STALE
cache-control: public, max-age=60, must-revalidate
content-disposition: inline; filename="mental-age-test.webp"
cf-ray: 84d334006cdb6f02-CDG
alt-svc: h3=":443"; ma=86400
content-length: 24866

GET
H3 200 image
randomgenerate.io/_next/ 10 KB
11 KB 415ms
414ms Image
image/webp 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://randomgenerate.io/_next/image?url=%2Fimages%2Fwhen-will-i-die-quiz.jpg&w=1920&q=75

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c825307202a5381629cc9fe28a6b63fe1348ff329afbcfed5782fc5567d0653

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: PIJTByAqU4FinMn+KKa2P+E0j-Mpr7z+1XgvxVZ9BlM=
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lBmi3udtyQVw1lOBxq7ZShEs4WQEvnp5qqykr4jZPs8bIvUjE4duH6qAD%2BH2jtICyy6AbdQQEKjYI%2FZ29dMHsj9w4F5m8frFUcG9h85xGN%2Bi4xPZpyGc1sT%2Bc8EOWEiC4BClEl370rmP%2BvJB2mgfYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-nextjs-cache: STALE
cache-control: public, max-age=60, must-revalidate
content-disposition: inline; filename="when-will-i-die-quiz.webp"
cf-ray: 84d334006ce16f02-CDG
alt-svc: h3=":443"; ma=86400
content-length: 10174

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
357 B 81ms
81ms XHR
text/javascript 3.162.33.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&pid=Szk9fFRth6jdT&cb=1&ws=1600x1200&v=24.117.1925&t=1200&slots=%5B%7B%22sd%22%3A%22randomgenerate_io_middle_responsive%22%2C%22s%22%3A%5B%221000x100%22%2C%22970x90%22%2C%22728x90%22%2C%22990x90%22%2C%22970x50%22%2C%22960x90%22%2C%22950x90%22%2C%22980x90%22%5D%2C%22sn%22%3A%22%2F147246189%2C23022552162%2Frandomgenerate.io_1000x100_desktop_middle%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.33.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-33-31.cdg52.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
via: 1.1 670b7fc2dd3052d71cc169230b289e08.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: CDG52-P6
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://randomgenerate.io
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: iAWXBXqb8ci-_EBJs79LQCiRVhfnfCYSX1sWf_hsT9amxVrAZkt-dw==

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ 475 B
662 B 1073ms
1072ms XHR
application/json 104.26.8.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e74f05c1854923868b126b3471c5c29654e2f1f6083001db146bdd87ffce18d6

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:28 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-prebid: pbs-go/0.259.0
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcIFWL3jMRqFkp4YNqF3LsaHVgR2uX0PCSv8V%2FVSpp3fMn1pWzluE%2BOESQjrvrZmzGe%2FUs6QSwBy%2BeMArJE2DtBfpVVwpFsFnccitEA%2B6iFGYIbeeT1QJGNsojwZI1ZlXvXnpwwrW%2Bk%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84d334006a3c9106-FRA
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
605 B 40ms
40ms XHR
application/json 35.158.201.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.54.0&referrer=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&tmax=1200

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/6380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.158.201.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-158-201-105.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:27 GMT
accept-ch: user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr
x-auction-status: 29
content-type: application/json; charset=utf-8
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
receive-cookie-deprecation: 1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ 60 B
248 B 59ms
59ms XHR
application/json 2606:4700:4400::6812:22b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Mon, 29 Jan 2024 17:30:27 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 6 inventory rules not found for mediatype: banner and adUnitCode: randomgenerate_io_middle_responsive
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 84d334006e5e1e4a-FRA
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 186 B
568 B 159ms
159ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://randomgenerate.io
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
236 B 46ms
46ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://randomgenerate.io
date: Mon, 29 Jan 2024 17:30:26 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 47ms
46ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://randomgenerate.io
date: Mon, 29 Jan 2024 17:30:26 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 2 KB
2 KB 116ms
116ms XHR
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: ff193b653bad0b2f9f2b19e3571d4bc80d5e64d678686013799bf8121b5a725d

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 17:30:27 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://randomgenerate.io
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1983
Expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 2 KB
2 KB 85ms
85ms XHR
application/json 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=49617429462&lsavail=1&bundle=pLJurV82anVVT3pTTDFlSUFxVk1MUTdnJTJGc3JMU25OTlpyNGllS3J6R2R0VzZsdG9SSGIyQ2dBRWVvZ2hyOTQlMkJVNEt1OWpRanclMkZuWWlyJTJCVlNzZnJ1djQlMkJ5RENtZ2w0S1lSWkVOaTdWMGI0MWRkaUlrSnIzbmlJM3ZRZ1N0bFpwTVBGc1JtNWs3V2pnR2RQY1ppWlRUOXJqZ1JlRVpOc29BaWN5Y1FyMWtiUTZlQk9FJTNE

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/6380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b738f4b1cea879b84c4223d5800971cf48f208c3293c84abcb6bf02fdef5b95c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 29 Jan 2024 17:30:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://randomgenerate.io
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 340 B
397 B 110ms
110ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1969856&size_id=2&alt_size_ids=55&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&kw=CPFGenerator%2CCPFrandomizer&tg_i.domain=randomgenerate.io&tg_i.page=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&tk_flint=pbjs_lite_v7.54.0&x_source.tid=8af81cff-9893-4391-be8b-5d56a0890075&l_pb_bid_id=8786084af6472af&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=8af81cff-9893-4391-be8b-5d56a0890075&rp_maxbids=1&slots=1&rand=0.5085912923449658
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: adb759006a9345d092a55d6e194a491819c42d4ccaeb3f4e0497ba822ac358ba

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:27 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 340
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
532 B 109ms
109ms XHR
text/plain 37.157.2.228
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/6380

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.228 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
179 B 43ms
42ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://randomgenerate.io
date: Mon, 29 Jan 2024 17:30:27 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 cookie
cm.adform.net/ 43 B
106 B 133ms
44ms Image
image/gif 37.157.3.20
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H3 200 quiz-40da48c88f7eb0ce.js
randomgenerate.io/_next/static/chunks/pages/ 0
3 KB 72ms
71ms Other
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/pages/quiz-40da48c88f7eb0ce.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 27 Jan 2024 16:16:42 GMT
server: cloudflare
age: 175597
etag: W/"1c34-18d4bb57e76"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7T%2F%2Fdw2LdC7d10yq7xl5xwrgkMNdNJ5LYFSBne%2FzN2YpLw%2BRx9EyeNk4irCME9cjVtZ81dWf1lMmGvZrHahOFAJFI5K37GwPeSTdrzOR%2BQjcDVYRHT%2Fk%2Fqqvm3Z9fTQBY1XHi5n9kAwcgtmFCwryw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33400ad566f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 96051-c5d0ef9184b75f72.js
randomgenerate.io/_next/static/chunks/ 0
5 KB 72ms
72ms Other
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/96051-c5d0ef9184b75f72.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5089055
cf-polished: origSize=12032
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
etag: W/"2f00-18c26d7c62b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWqU1wlW15m5e8rtMcGdAMAo0L71ZDkt%2BpXBLqJ6tPfEe5ydBmcjuiQFYvd6eLLJv1eWI1D3S9k2ROIE5996PAPU4tM5J1dYgKdsKydvsHff70ef6%2FKPDnTL8IqUdlzClXOEh1KKtz8BPKj91NDUuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33400ad596f02-CDG

GET
H3 200 random-song-generator-818a397e19d88d19.js
randomgenerate.io/_next/static/chunks/pages/ 0
10 KB 66ms
65ms Other
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/pages/random-song-generator-818a397e19d88d19.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 23 Dec 2023 15:43:20 GMT
server: cloudflare
age: 3202529
etag: W/"7c05-18c97585e57"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FkGmcx64hNUP34qGrF1ZrphwdlvcJTaCzjkLqOerpf6QnBqkCriT5NAbtFj0%2BqYQhGpkfwoExIGasYbVgzfzM%2BLSSFcq%2B38LK6ynrswztD%2B4nloSQVNj9pVfimfRKWEkOPSRg0kOIcQLyOdQFxNFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33400ad5b6f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 random-website-generator-aacfdc9f02a1cc36.js
randomgenerate.io/_next/static/chunks/pages/ 0
5 KB 115ms
115ms Other
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/pages/random-website-generator-aacfdc9f02a1cc36.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 23 Dec 2023 15:43:20 GMT
server: cloudflare
age: 3202536
etag: W/"3ab6-18c97585e63"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfUKg8dQkD%2FXyY0nVFpYe%2BXCUlNAU%2FEm3XMoG8TS4KREjAwJ2lN2WkLy6iXx%2BkSRwMRzfDXXKIl3gRafEAJZd5CBZWE1QX7p59SK0iMRxWHYA06nuAswQUj5RtYqIehDBNNwT3h9GS22qg9BF%2F1D7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33400ad5c6f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 54099-7f966b76d9eb9939.js
randomgenerate.io/_next/static/chunks/ 0
10 KB 72ms
71ms Other
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/54099-7f966b76d9eb9939.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
age: 5089055
etag: W/"a879-18c26d7c62b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmDKAnQfRe%2BXNFjD5nrYRBTUbZV9j3DKZ0gLtTkPzRhWVNK6HzAidj9gObvU2rtZAEDGrubR8P0D17%2FMurRJVcaD0002FQtpk8lp0H0qn6WGE%2B7P4kKgxTHV5BMd7PzNDxS6jQEIFpzc%2FNMBjhwe4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33400ad616f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 truth-or-dare-generator-7c369c536bc94db3.js
randomgenerate.io/_next/static/chunks/pages/ 0
5 KB 67ms
67ms Other
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/pages/truth-or-dare-generator-7c369c536bc94db3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 23 Dec 2023 15:43:20 GMT
server: cloudflare
age: 3202529
etag: W/"370d-18c97585e6b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jp9vhOWdGnnSoUg72bdMNrZWL8eWP%2F%2Ba4IsbAy48DgC4ypJSwtkC9PmZo9a%2Fy%2BIyhjsi5xxLNLq9L0ixyJbrWILcSYhLYJzNEIsrRGH48uOoEvMA%2BCm5liimj1c5dmgYCYOFq3Nv5o68SsNxSB2Bfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33400ad686f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 88324-fc75c52da837dfc4.js
randomgenerate.io/_next/static/chunks/ 0
9 KB 72ms
72ms Other
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/88324-fc75c52da837dfc4.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5089055
cf-polished: origSize=24166
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
etag: W/"5e66-18c26d7c627"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfAZV0YM67A9nF9Z9EdeBU%2FOaD01PWMS5GUSd0xjcBRxIKttIGKaKNBe85iVZ0e5ktWAd6tgXAGD%2BtIDCoqgtsFALh6Tj4ZT3pVk%2BNW8X2C7%2FpmEOBhoQNFJKxK%2Fj5hwcL1wowd%2BXc9CKCocx8rpSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33400ad6d6f02-CDG

GET
H3 200 22004-1ea95d83fa15f977.js
randomgenerate.io/_next/static/chunks/ 0
19 KB 117ms
117ms Other
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/22004-1ea95d83fa15f977.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
age: 5089055
etag: W/"1a984-18c26d7c627"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izqdDfAnCLWDjJab9jwDmAgXom1Ojo2KwTIOWkePVWHYfZDuQ2QeMgiTY7wExnvH%2BAPN4qRXR6VfhWaz31ELiaUgeUHJJtmcpqy%2BaIunOIXht1bH7rcvXbdQLLCaYa6XcDL1Bx6dCKZzHmSUgkRAqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33400ad706f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 97156-bb5bba403b4ea077.js
randomgenerate.io/_next/static/chunks/ 0
42 KB 119ms
119ms Other
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/97156-bb5bba403b4ea077.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5089055
cf-polished: origSize=123294
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
etag: W/"1e19e-18c26d7c627"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=valhXlVob%2F95vFFxHcmQFPt6I5ZuNKpQ5qc214d6pCmdXwTwMLvSOqZ7tm4akJJoXgGWnetaVS5Wr6ThiLPMWW%2BYNCQx7ANffOcuhMk%2BW2DR%2B2uhTHOCbtainsPxgNPvBv3T4XdN02cc9lUoX3XKJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33400ad736f02-CDG

GET
H3 200 random-movie-generator-0b433545fc41bca1.js
randomgenerate.io/_next/static/chunks/pages/ 0
10 KB 165ms
164ms Other
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/pages/random-movie-generator-0b433545fc41bca1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 23 Dec 2023 15:43:20 GMT
server: cloudflare
age: 3202529
etag: W/"7513-18c97585e4f"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldXmzNYEMz8STuKzXwER%2FpMlIQKpv9C0f%2Fxsfre3NvQ3hzWuUFMl9d0F%2FeCYgxZm5RwVa2OWFAaP27emMIHMrSJipHeqEPS9NBfJDFq244xXZT3zjRPV%2BUWP4KXVeG%2FwKnM8Yyw9WHOOPJgF7rijgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33400ad756f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 index-0712876534889292.js
randomgenerate.io/_next/static/chunks/pages/ 0
5 KB 176ms
176ms Other
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/pages/index-0712876534889292.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 23 Dec 2023 13:18:06 GMT
server: cloudflare
age: 3211272
etag: W/"3ebe-18c96d367ef"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quL3%2FUGoBxfVdO%2BcpygwRc6yGOKaLmizQZvjqRb8Q02%2Fj3i5HYK%2Fl8H%2BQERVXFHMS7wbFEynqpNdbB%2FvrJeyz0bESvYZ9WkyjBRBNP2V5W1SPk85NHM1907EvaZk0b4kgBZTuLjki2BdpK8CV%2BWr9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33400ad7b6f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 _ssgManifest.js Show response
randomgenerate.io/_next/static/hZvoK-ZlOT6-OqFLVEFYD/ 77 B
574 B 178ms
178ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/hZvoK-ZlOT6-OqFLVEFYD/_ssgManifest.js
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sun, 28 Jan 2024 12:38:47 GMT
server: cloudflare
age: 103019
etag: W/"4d-18d50145984"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3TgvR4CFkMSB8Tsql%2BYQoQhqP13PsmGr8DsU1ERww7SZZ5u0LvoqpwUp0iNs%2BOPlRARbz9EcGa9bQVgt6yuSWE6z2cDnOJHoOC6usqCwca3oXmVSu6nIAbDuQbKNmOCsLX1MwM6Zl0scwLqxUaeY0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33400ad806f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 quiz-40da48c88f7eb0ce.js Show response
randomgenerate.io/_next/static/chunks/pages/ 7 KB
2 KB 108ms
107ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/pages/quiz-40da48c88f7eb0ce.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10592b836bb8f3388e07e98bb792a3853b6128eb82e985a05fa4dc902be3924d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 27 Jan 2024 16:16:42 GMT
server: cloudflare
age: 175597
etag: W/"1c34-18d4bb57e76"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1z3S%2F8%2FBITOz5M6RBzlHUiDgbmOkS5b0qXURqPVAgOEYfzNOgu9zJWgLABhIZXoan7J4LwvpttP57OaLgc4OcBtWtevlQTv5%2BHXaMhiQw4gkH3gs9tJdzCUF0opqobitcQmMKRTAeEnFFXeHsvC5BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d334012e3f6f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 54099-7f966b76d9eb9939.js Show response
randomgenerate.io/_next/static/chunks/ 42 KB
10 KB 98ms
98ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/54099-7f966b76d9eb9939.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fcb659fdb426def82bb86e06af50e9a59049141b72014637d8d750e399b1b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
age: 5089055
etag: W/"a879-18c26d7c62b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsBLbmMNXI9w9ruy6Y0aXKRWLyDtxCBZwAxwmGS%2FEysoNw7Y%2BMnX%2BDh99aypAdFG%2FrM8swMd38SpnddRX2L3g8wZ1217IQk%2FtTscoc9HC6cczDEEFYAdnJ2RL4Pu0tewNYSVYH1lJ8%2Beq%2FZFLwW3lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d334013e686f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 truth-or-dare-generator-7c369c536bc94db3.js Show response
randomgenerate.io/_next/static/chunks/pages/ 14 KB
5 KB 98ms
98ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/pages/truth-or-dare-generator-7c369c536bc94db3.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d4ea3e5eacf489f1658961a5d3e3b68bdf51aa1077a1270f6bf9eabfd03c063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 23 Dec 2023 15:43:20 GMT
server: cloudflare
age: 3202529
etag: W/"370d-18c97585e6b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpaXW7t%2FOzu1omBt36CBJgtlRqePO4QBsfm9fwdRmzoAOcPOp3gc0Z%2FlLAkKkjf6van6dCV%2FtaoMYSe0TFfxAE4ltfF%2B0iqx4WGKTwJpZRS0ueHZlBvGqaB4agjL5oB9s6jIAI1cWEmwSHdqtAz7VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d334013e6f6f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 071eedcda7a195e2.css Show response
randomgenerate.io/_next/static/css/ 5 KB
2 KB 100ms
100ms Fetch
text/css 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/css/071eedcda7a195e2.css
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/main-97f94a1dfa5c345e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5ee934957510bcdcf8c083e80cb9e6bda059507c331a15a486fae18c681db09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5089054
cf-polished: origSize=4874
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
etag: W/"130a-18c26d7c5c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bl3hkdHSnmj4q7hXEokk9THl4qRipWs%2BS%2B4EXxkkS1rsJ22B6BwlCAxkn2bBooP2F17KY0YyIUlYHqX%2BqoADTI16Utc3PM5vAos2WLUBScUvvO%2BvvIw%2FOArkBoLAtvWX7BNRQkt0ehEorhZVz5Z1rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d334013e726f02-CDG

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0247 16 KB
6 KB 133ms
42ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=53040
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 29 Jan 2024 17:30:27 GMT
expires: Tue, 30 Jan 2024 08:14:27 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H3 200 96051-c5d0ef9184b75f72.js Show response
randomgenerate.io/_next/static/chunks/ 12 KB
5 KB 69ms
66ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/96051-c5d0ef9184b75f72.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40abb0a63dc7e8c7f929f16bbdffeba11d328f02e31c42b5808dd58ae72a2c51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5089055
cf-polished: origSize=12032
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
etag: W/"2f00-18c26d7c62b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WpEWaLjaKKPNkGeQn5qUkWy72AO1b4iO%2BArA7KL9Rvl%2BowafgV8tNgROVDPWFLtSUFV6lxCmWV6BzhjNNvS%2FeSKIQLUpZ3rQHaMQM3FXtE4MQIFtBK4ZCW8SnMEwdpc25Z192V5N8CpKgls841gAdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d334017ee76f02-CDG

GET
H3 200 random-song-generator-818a397e19d88d19.js Show response
randomgenerate.io/_next/static/chunks/pages/ 31 KB
10 KB 70ms
68ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/pages/random-song-generator-818a397e19d88d19.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec8749dbaee2d5a8165e8c98feb32657c37a1805369cb8c9621fdc2cb72c18d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 23 Dec 2023 15:43:20 GMT
server: cloudflare
age: 3202529
etag: W/"7c05-18c97585e57"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSshB1ao0BHiOEfhatrOmiq80rDAl%2BizopERT7aPXtmmQeH%2B9gvsO8feonFdiaWr0Pw3kQOPjdikKA5jMtUnEd6TgVZ1Sw3TlX0hX2WgKcM0nJ9JAG7tjdBB0K%2FfMmX06H92xpx9XzSmuVYClTtF%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d334017eeb6f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 33ea6707246b81e9.css Show response
randomgenerate.io/_next/static/css/ 26 KB
6 KB 70ms
68ms Fetch
text/css 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/css/33ea6707246b81e9.css
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/main-97f94a1dfa5c345e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6f5dc262d6f475ee4245eacf65bed6186aae85064176dea22b35caeb709ffbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5084794
cf-polished: origSize=26226
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
etag: W/"6672-18c26d7c627"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpPH6tLHHFzlPmiK2z3%2BXN%2BAwTBexAiLQFBeZojQ6ux2aYa0wbKU2AyyB6VyDuzFagyfvGQwIw6LpIIFfPMVRElwWb5a3rWAEjd%2FCHIl98C3CX83YeX0eROgpDky82TB4kiyiB3vhTBlXJmWfQFkTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d334017eec6f02-CDG

GET
H3 200 c267368c6c17d16c.css Show response
randomgenerate.io/_next/static/css/ 3 KB
1 KB 73ms
71ms Fetch
text/css 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/css/c267368c6c17d16c.css
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/main-97f94a1dfa5c345e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ddabf06a83b76a256f03762f3ddcdeef0b19d476ba20202ebfe570e460bb009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2851999
cf-polished: origSize=3125
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
etag: W/"c35-18c26d7c5bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5h1bn0KA1eICDg0wWE1ZomWMjMOadMSb6QI9i6jIZi4o1Pnh9BNQ2Xdc2CDLEHOQiJQOlPNlkHnFb2BP80YAWicuZEzelS6ui%2BSl%2FUjnjMzznBWWUeVQOcf6TwBEI0qDcf7RmTU7R%2BkqbgJ9wI%2BetQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d334017eef6f02-CDG

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 294 KB
80 KB 1361ms
1361ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1030135560806665&correlator=988942007398975&eid=31080255%2C31080678%2C31079963&output=ldjh&gdfp_req=1&vrg=202401230101&ptt=17&impl=fifs&iu_parts=147246189%3A23022552162%2Crandomgenerate.io_1000x100_desktop_anchor%2Crandomgenerate.io_1000x300_desktop_top_billboard%2Crandomgenerate.io_160x600_desktop_side_left%2Crandomgenerate.io_interstitial&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1000x100%7C970x90%7C728x90%7C990x90%7C970x50%7C960x90%7C950x90%7C980x90%2C970x250%7C970x90%7C1000x300%7C980x300%7C980x200%7C1000x200%7C1000x250%7C1000x150%7C1000x100%7C970x300%7C980x240%7C980x120%7C970x200%7C970x120%7C950x90%7C728x100%7C728x250%2C160x600%7C120x600%2C1x1&ifi=1&sfv=1-0-40&ists=1&fas=0%2C0%2C0%2C8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706549427414&lmt=1706549427&adxs=300%2C313%2C0%2C-9&adys=4100%2C270%2C105%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&vis=1&psz=1600x4099%7C975x747%7C1600x4099%7C0x-1&msz=1600x0%7C975x-1%7C160x-1%7C0x-1&fws=0%2C0%2C512%2C2&ohw=0%2C0%2C0%2C0&ga_vid=1132696889.1706549426&ga_sid=1706549427&ga_hid=979407321&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYvO-WstUxSABSAghkEhsKDDMzYWNyb3NzLmNvbRi875ay1TFIAFICCGQSGQoKcHViY2lkLm9yZxiM8Zay1TFIAFICCGoSGAoJeWFob28uY29tGPvwlrLVMUgAUgIIbxIXCghydGJob3VzZRiU8Zay1TFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YvO-WstUxSABSAghkEj4KBW9wZW54EixleUpwSWpvaU0ya3dMekZYU25SVGNVZDZTRWxCWkZGQ1duTjVaejA5SW4wPRip9Jay1TFIABIZCgp1aWRhcGkuY29tGLzvlrLVMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YuvGWstUxSABSAghq&dlt=1706549425364&idt=733&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&adks=3492553722%2C3318566963%2C1595910592%2C1562141694&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d84c709c22f7a3b801936ac6451d426d1a7ef7e01981cd08b77ff1a3aabc353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81637
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D005 6 KB
3 KB 153ms
48ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:27 GMT
expires: Tue, 28 Jan 2025 17:30:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/ 44 KB
14 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl_page_level_ads.js?cb=31080678

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81aa0216d82653c46fba45882a65c0c96426e9eb544d8e29593e4fa58a783189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 11:39:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21050
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14207
x-xss-protection: 0
server: cafe
etag: 9516969934646521857
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 28 Jan 2025 11:39:37 GMT

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 50ms
50ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/saas/6380

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 30 Jan 2024 17:30:27 GMT

GET
H3 200 random-website-generator-aacfdc9f02a1cc36.js Show response
randomgenerate.io/_next/static/chunks/pages/ 15 KB
5 KB 68ms
67ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/pages/random-website-generator-aacfdc9f02a1cc36.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a3625b5d9c9812b4eee70ea974c961f0a8e5ed1aa587effa4dc49959d722d95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 23 Dec 2023 15:43:20 GMT
server: cloudflare
age: 3202536
etag: W/"3ab6-18c97585e63"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44HFy2%2Fca3umPVAddDKRz9uZqqtAS23Q%2Fu5qtjY5SLR8JcB0cz0kBppmL3UkDWwp8lTNzDFTk54%2BX4xfrFbxGnyEMPr26H0asrbrcLa1GScBndK6AxqzDUKH5waI5Jr0ZcduEQ57WR1tagDz04xMsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33401af2a6f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 88324-fc75c52da837dfc4.js Show response
randomgenerate.io/_next/static/chunks/ 24 KB
9 KB 68ms
63ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/88324-fc75c52da837dfc4.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fb1407d658a8283ce9cd10631dd37f413e0de13aab80c06b72bc2221b523c55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5089055
cf-polished: origSize=24166
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
etag: W/"5e66-18c26d7c627"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UuAwAUqaYg5wO0nCgiR5CXygs7bN76NGtI0CZQWQSzJPF7UqrObff6BcVhc2xiJKIxMzbP1T5yjG9ZFpVkgqZImp8EexewqPQJtuHxIWRUjarTlmlkTVT7R4QSdAzVK0URl20YtRmw6OvWlJteJCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33401dfca6f02-CDG

GET
H3 200 22004-1ea95d83fa15f977.js Show response
randomgenerate.io/_next/static/chunks/ 106 KB
19 KB 69ms
64ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/22004-1ea95d83fa15f977.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0b1889ffc4b5e9fc8c2379faaa7ccdd94fa3885af7836fbb0d4e6a097006c6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
age: 5089055
etag: W/"1a984-18c26d7c627"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JN9U7ErZVoewNMNzx0X1L4934fifCQj3NfZ7G%2FhWPPgBpyj%2Fg7ZNIF2dyrBzYv9nWk7srT%2BivoPhXsEFLqlxTY3l9tQ2ZW0rXqf89hCLJ9uyZQp7rAgYbtxwpuy0Yw076Z56LRJi32JEF7NY4OTNJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33401dfcf6f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 97156-bb5bba403b4ea077.js Show response
randomgenerate.io/_next/static/chunks/ 120 KB
42 KB 92ms
87ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/97156-bb5bba403b4ea077.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 670ee64fbca97d16da3cb3e6f974615afd092b6060aae942843ace58bc151ae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5089055
cf-polished: origSize=123294
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
etag: W/"1e19e-18c26d7c627"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6BuevEOetE%2BS%2BhpY57QouRLqBmYVVReQn6jELN%2BBAqgOtL1e%2FgEIywynfRK13jK5zqWMmioEO19YKZlZt6XWXo4hK9OX6Er8NOx%2BrhZWxGY7dDKT%2BQfkuhAv0NBC20jD6lfZ2bYMZM7RGAnIqevnZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33401dfd46f02-CDG

GET
H3 200 random-movie-generator-0b433545fc41bca1.js Show response
randomgenerate.io/_next/static/chunks/pages/ 29 KB
9 KB 70ms
65ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/pages/random-movie-generator-0b433545fc41bca1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e91950233cb729393ab77611b4c834136de98ada7eeca5a764b0ad34f72341b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 23 Dec 2023 15:43:20 GMT
server: cloudflare
age: 3202529
etag: W/"7513-18c97585e4f"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiKW18cqH%2BnN0IRIPc1VH1zHr%2BtchfCK3jQbuom%2Fd80qv4xF1ADQXbOmsCin5gCnKwkVL5bvqoff0zumlSDCWunBvOKhNEtbAuR1Q2gKRFeBigHueVSrppurwjf5aBU4aC1RuwjhkEcMcHHxIan9zg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33401dfd76f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H3 200 4c2e72c65ec13b61.css Show response
randomgenerate.io/_next/static/css/ 10 KB
3 KB 72ms
67ms Fetch
text/css 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/css/4c2e72c65ec13b61.css
Requested by: Host: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/main-97f94a1dfa5c345e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4d55b1fc039bfc0c74f90a846f637ef2eb655c67c6e851207f52ee3db9b795

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5089054
cf-polished: origSize=9889
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 01 Dec 2023 19:25:24 GMT
server: cloudflare
etag: W/"26a1-18c26d7c5e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMjn0tNVWmYY7aymrSBIAFsRXJjJE7ooGqajpjR8qacZPaYmZ4dbr7byNZV%2FDNlNHsPJG1OSY8u1fAxYc5X55i3bzKCj%2F%2B8S593NQwSghZENPag420bwty5d2rmw6bDgJn3h8o0ts6c8BbXxN1VBbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33401dfdb6f02-CDG

GET
H3 200 index-0712876534889292.js Show response
randomgenerate.io/_next/static/chunks/pages/ 16 KB
5 KB 67ms
65ms Script
application/javascript 2606:4700:3037::6815:5653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://randomgenerate.io/_next/static/chunks/pages/index-0712876534889292.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 291413442076f1e099550c4ed2f94eeb121885d7be058fea171e0c546ca13ed1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/cpf-generator
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 23 Dec 2023 13:18:06 GMT
server: cloudflare
age: 3211272
etag: W/"3ebe-18c96d367ef"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8acTpYyLd7QnO7yIJRCxWD6JF20UYw%2FrnDiROscpnByXQSvE%2FkUcd4CEAhktas97PMgiPbxIB3bI5q0GUrkdZsIu4XkWPL6ebX4BYj%2FiCgT9jIASuO40GF7uXUEPkVJWArl%2BsKcrVxmHEK8cS1iAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 84d33401dfdf6f02-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 173ms
83ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401230101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88729f204be6c899821512b65f15c4ff7a0af19b95df8f46b00c3c4f5f097a62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12099
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=0ECB0300BBFB446C94340B7A34CA5629&RedC=c.clarity.ms&MXFR=0C3E4AC6264765411A285ED322476B95
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0ECB0300BBFB446C94340B7A34CA5629&MUID=01CC57B320ED629032EE43A621666371

42 B
441 B

58ms
58ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0ECB0300BBFB446C94340B7A34CA5629&MUID=01CC57B320ED629032EE43A621666371
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:27 GMT
last-modified: Wed, 10 Jan 2024 21:11:32 GMT
server: Microsoft-IIS/10.0
etag: "d765ee95944da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7D0F0A8A325B4B9999208E9AE91D7232 Ref B: FRA31EDGE0222 Ref C: 2024-01-29T17:30:27Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0ECB0300BBFB446C94340B7A34CA5629&MUID=01CC57B320ED629032EE43A621666371
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F193 14 KB
6 KB 51ms
51ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=randomgenerate.io

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:26 GMT
server: Kestrel
server-processing-duration-in-ticks: 868485
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.136.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 182ms
90ms XHR
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.136.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 07 Nov 2023 09:08:30 GMT
server: nginx
etag: W/"6549fe8e-17704"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 30 Jan 2024 17:30:27 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
297 B 121ms
121ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://randomgenerate.io
Date: Mon, 29 Jan 2024 17:30:27 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 0247 0
42 B 148ms
47ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55136780&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:27 GMT
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame F193
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=randomgenerate.io&sn=ChromeSyncframe&so=3&topUrl=randomgenerate.io&bundle=pLJurV82anVVT3pTTDFlSUFxVk1MUTdnJTJGc3JMU25OTlpyNGllS3J6R2R0VzZs...
https://mug.criteo.com/sid?cpp=5lkFTHx0c1dsZVdPVG52akFoVWNmZk11ejZQSHlCcXVPTk1oczhSaEw0WkxqMjR2RWhJM3czcWl1SkFGYnpldDRNRlgyb1k1QVJncHk2dkFRakhpaWh2UnFmSnk2TXk2QXgzczJUNXJTT1RQdHpKdEg3dHdIc1owbzdQcH...

454 B
669 B

302ms
302ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5lkFTHx0c1dsZVdPVG52akFoVWNmZk11ejZQSHlCcXVPTk1oczhSaEw0WkxqMjR2RWhJM3czcWl1SkFGYnpldDRNRlgyb1k1QVJncHk2dkFRakhpaWh2UnFmSnk2TXk2QXgzczJUNXJTT1RQdHpKdEg3dHdIc1owbzdQcHZpS0tRQ0pjTU1ReC9rd0lHU2x6Wm9TNGU2QnlnWHluUnVtcE5TYVJOVFpmRFBvaVdHNExtdjc4L1FyeTZxYzQwUm56SVcwSFQ5SEs5Q3A5VEFRbmxBakZJKzB0MXlyUWlyWUU4MVQ3dWtyQkFOSmUzV0ZQT1JIT0U1UHVDaE9SYkNOaXFwTTZoRHpPSURIRnE2UzZFd0JjWkdnVXJLY3FEU2NqUktMR0czRjJ6ME9nalFDWT18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6767d49f6e02fe4b1784730a37a54273411e0085e2096ca81d46ed64717d3a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:26 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 985980
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=5lkFTHx0c1dsZVdPVG52akFoVWNmZk11ejZQSHlCcXVPTk1oczhSaEw0WkxqMjR2RWhJM3czcWl1SkFGYnpldDRNRlgyb1k1QVJncHk2dkFRakhpaWh2UnFmSnk2TXk2QXgzczJUNXJTT1RQdHpKdEg3dHdIc1owbzdQcHZpS0tRQ0pjTU1ReC9rd0lHU2x6Wm9TNGU2QnlnWHluUnVtcE5TYVJOVFpmRFBvaVdHNExtdjc4L1FyeTZxYzQwUm56SVcwSFQ5SEs5Q3A5VEFRbmxBakZJKzB0MXlyUWlyWUU4MVQ3dWtyQkFOSmUzV0ZQT1JIT0U1UHVDaE9SYkNOaXFwTTZoRHpPSURIRnE2UzZFd0JjWkdnVXJLY3FEU2NqUktMR0czRjJ6ME9nalFDWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 498457
content-length: 0
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 1212ms
1123ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 29 Jan 2024 17:30:28 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
15 KB 359ms
359ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1030135560806665&correlator=3666785487408094&eid=31080255%2C31080678%2C31079963&output=ldjh&gdfp_req=1&vrg=202401230101&ptt=17&impl=fifs&iu_parts=147246189%3A23022552162%2Crandomgenerate.io_1000x100_desktop_middle&enc_prev_ius=%2F0%2F1&prev_iu_szs=1000x100%7C970x90%7C728x90%7C990x90%7C970x50%7C960x90%7C950x90%7C980x90&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1706549428327&lmt=1706549428&adxs=150&adys=882&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&vis=1&psz=1400x3658&msz=1300x-1&fws=0&ohw=0&ga_vid=1132696889.1706549426&ga_sid=1706549427&ga_hid=979407321&ga_fc=true&a3p=EhsKDDMzYWNyb3NzLmNvbRi875ay1TFIAFICCGQSGAoJeWFob28uY29tGPvwlrLVMUgAUgIIbxIZCgp1aWRhcGkuY29tGLzvlrLVMUgAUgIIZBIbCgxpZDUtc3luYy5jb20YuvGWstUxSABSAghqEhwKDWNyd2RjbnRybC5uZXQYvO-WstUxSABSAghkEhkKCnB1YmNpZC5vcmcYjPGWstUxSABSAghqEhcKCHJ0YmhvdXNlGJTxlrLVMUgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRi875ay1TFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pTTJrd0x6RlhTblJUY1VkNlNFbEJaRkZDV25ONVp6MDlJbjA9GKn0lrLVMUgA&dlt=1706549425364&idt=733&prev_scp=amznbid%3D2%26amznp%3D2%26hb_env%3Dweb%26hb_adomain%3Dgeekom.de%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D92f92408780a98e%26hb_bidder%3Dcriteo%26hb_rf%3D0&cust_params=origin%3Ddirect%26ECT%3D4g&adks=1204794351&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401230101/pubads_impl.js?cb=31080678

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7cf9ddaf5c83bc1b8552115ec2a25aaf9b8a5df6861e67e1e486fc6eecdddae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15008
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D81B 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:27 GMT
expires: Tue, 28 Jan 2025 17:30:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CEA6 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:27 GMT
expires: Tue, 28 Jan 2025 17:30:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6774 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:27 GMT
expires: Tue, 28 Jan 2025 17:30:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 614E 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:27 GMT
expires: Tue, 28 Jan 2025 17:30:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6EAC 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:27 GMT
expires: Tue, 28 Jan 2025 17:30:27 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bl-904ac2d-ef0eaa88.js Show response
tagan.adlightning.com/setupad/ Frame D81B 83 KB
35 KB 46ms
40ms Script
application/javascript 18.65.39.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/bl-904ac2d-ef0eaa88.js
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-47.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 721227e405c71a215ad0281707c7ed0229784fd0d2e140ba275c63af7fe5c9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:28:05 GMT
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-version-id: w_E9DujKBS9QSVix6tjbdP1e7eaZiFKC
x-amz-cf-pop: AMS1-P1
age: 7345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35543
x-amz-meta-git_commit: 904ac2d
last-modified: Mon, 29 Jan 2024 15:21:47 GMT
server: AmazonS3
etag: "9ee11e8091ca70cb87e7a10ed58a8e08"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kezOKressn4dGdrKrwWfYa88L4AgB0ZP4B3-mwmu00t64L0sNAa9pg==

GET
H2 200 b-935e2f1-22fd8186.js Show response
tagan.adlightning.com/setupad/ Frame D81B 71 KB
28 KB 57ms
51ms Script
application/javascript 18.65.39.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-47.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 14:25:36 GMT
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-version-id: TSM1sCYCFVBYqK8r2.wgiAybDtOWIo_C
x-amz-cf-pop: AMS1-P1
age: 10206294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27763
x-amz-meta-git_commit: 935e2f1
last-modified: Tue, 03 Oct 2023 14:25:23 GMT
server: AmazonS3
etag: "7164aeb4f3f79e485a778007d9bf2ade"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: euT_KEpzTkwUIsd2jOdwlP3Be5cT_PPaxGI0zQGi-ygKX8cr87xmxA==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D81B 42 B
63 B 282ms
281ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AbE1w390KvX85j9Oenp-eiN88KQNfrRrEtJGLXkoQZWBRtEiPEvl1jihILvVRH2ASsGZ_VQYAvUd0sG9BzhKl7-I1H10kTvoze3AeCxLqi4-PyuBA

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D81B 89 KB
31 KB 395ms
315ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:29 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1525518/72172419/xbbe/creative/ Frame D81B 277 KB
82 KB 332ms
210ms Script
application/javascript 3.248.239.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1525518/72172419/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-CDKo2X86noEY_cVD5D7bODgX0nJKGqWMopmSeUoxdxFxYUUi30Wds4smSU9rNR9XU5z1JYy3zJK9xBJW0GL0LUnRyLxxxh3ZPiDzwcY47wzPFhFhMO3TJ5erKy9TuWe7xTa2zxAHllMEG4CZCYiNAo7R-PSu6yVseEq1tJFKfezo6xOHcTlZLMBkQHI2lt4CRuj8hnEskUAKAmf-A4pPVEG0UW-n-n1Zdmi_ZeZtyka4lkMZVYsfi6WLNv68ypRzzc4HwlZK7AXlL-kPE8oZQ8R3AbNllo1wGgFPIo396X9wDNSHPrb42uAwqh54AHkwl2s4R7XVwPxyVTSPaJ7L4mpUPL5PQRpjQNYEiUjxIMo4U6LaUA8AYsNUT6DEGATBYZdIYIgMHaG2m7hNSYYBEzWwB1AWx3CoP54GUT7xhCIOrJQDMqJHKZ-JXDxX3a7i9yG-uWINVQ8EsTtg4eH6A6ZBzCy0sIHQSz65VZGEKhbdPlWUZU_5PJ8RqsHtJd6jUDGHw_aYyAwEFQG1a1StJok9P5557Xwg08stRAw24-SIRv1voXZ-eHjKsjbCZYxMO_-q_D0Oq6FDvwZHP88sFYovswEiuZABwPN4CCEdB0X4b3tshQVhe7W3zgnGw9H8m5BpAoEYHbUPlRFLEj0q2t91Ciqvv7IGXEWqjDBTXKss5ufVRgs3MhvloLj2ijaZ58GVqF7IRNP8ec1_czeoLombdBVxiF3nWPu09tVfyn20aKIp8fW8u3E4bqqOgsZfzOk4_zmu72lM1vd3pThtSNm-NqhshSLilJntYfE89m3kNFVcdF-AMDTN5a0Ef74EVYEwdd-pvlzd_wOoTwyx56ZS_kcSFcb3UYewBX8bdtBWwCUiYnu4LowWSM-Pc5jOhCguXL7IDBg-sQdm3P9gZZmlJOMul87eWSix9tH31SIbrKeXo9Dkn-nn-MCn5Pw6HXd1yia35rs7BVjgE2WcbYtSvZFgCn_QTOn90CN1jn3abAGfwaqLOZpNZrVe8AbZmsgPdpVLrkVhiFwKUgfcBELb0rnAkgNVVHEPmMSk-mgkQ0cOku2uAIIrIKTYD_FLN9qCq-4fQTkiPDvCnI_e8VwQy5MwebWa2oKHff7bgi43Tf5YcgaXWzH4n-6gBZkBhCy54AZOoH0Mdb2tT3AHGl773VX5A4LUs8sp8Wuaa5JAllwURog_vtdq1sIxcNn1F69IjgKBTK4-f9s80UHgBpUNi04OWw40wkhi2dBddlbc9XbqyS5vJqdJQlcUqg_1JkXum9-zhXCC8jZn8p0gcVFdJLqDi2gvUdIZfrE2pC3fDAXcKTQtoLF1k83qwtT10mXjNb_buN7wExbuHP543UwLCVITznMWbi7SC0qRPxnMknZIRLtE7itKzXXMWESfqc1cOtPG18vT-dhSYalrJoJeWQEf_TI4vtVfB_F6kP38qvh2JjgtprtK0QamUf0hhZPOEmZ-DX3dMI8-ARjTkGb1KZUySPu1sXYoe7MLn9GCF3XDSF3eokY7TIOjqLPLsm07wU1IjLoxqdvjMnXd78pYR191RneaLHESyYnkB-i-Mf_OaSfNA8eFDjDjIHrQPos1OfFuKLoaADfgpEf1SbyFeuXIf1I50pnROhzBmEI5Kou0WPvxmofYKURNwKYIjnjL9e_MWnVx68tft0-ystnH9zkkZKwdikQARmPNm9j5MFU85jP1U8Ihqi3GSvnbwkx2mUFgPPRehtljLn_n28kgA8DaC55amBaw-KbxVe98ldwjhCiy3HIjZ_Ll3GAxp0znU6IDFZdYM7wccXq6xS20djpWICnyBf_lFNQdGd9ghY0GX-LHJfuVmBA2BbmlbXl0_nyNBsktOvD_ISyK_DbNDPupMZlq0bJWIDpEQfEZ8Xw5y7fS61U8A1YabsXCqDtH0XlrLqq58uTZwE-zmXiY69Ay2g-Upkyk26vVAzR5e2YfJOgENJlKgLos1dJiulehw23WdQVNZrDgLAHNTx2dFDtnohsIIwB1nvcT5xPMtvk3qMgvze_t6Xjok542ubdwyfSmylxHJDO5gt355n71Zb3kmmZyZddmM8JBIbd3NlfXBtk1ypQ7gch1epVPZqkUZelLEswOyOJEx8d0zh5Y4FYNkb3-DKnD3LUK2oAvXawx4hOpiEfVN8cxyzw_taJSsp5enZR2OZ8OagtgojwXoRDcy0JHmEBq20OyxpyZGUvaMSLW1xzpXuQrvxE_vmPoYL27-Ds5Jj5E6bmbgyjS_7XIJFxBwXuCRkek6QbMv4DgSL3z0GucWRrD2IvxbZexPE9GcnVM_MR0X86UHnpGkL3h-dYsPPQ5bYJELkZrhImnKCuDk71bhnN5HJok2_xSymVJdCfRXPaMBT-qBAqrm_4fGhsexaJjv2IKoIQv5wDQpQMa9iTNhswVYknrxXeRQK_A7cDRQiE7-OhvL0LnSSbJt6U0rIaI6TU09E5TDPIyuQnKPor4KOlj-sUSVIzVJ6ScmWYlfdpV2VXlaXxDJUQBtY2_REp4jAER4dMfr2DEREjMMmrD51sfg_09Ckm5978ueKWRSZlWyJJxOlpnvsAd8_26gofChyVkd5pfKF4whAmMUoG2JlQbyNnmRKPCcgXgZq6e8nOYUMvttACgPhHv8QZ31R6BrS8sfae7e9VS1851oVTM1q5ifPXw0rPEeHDcSb52o-HCHiJdTAr5HmLecs2iOUAi3yW6GsPUjkZ9HRUv0xxGV3CAaQlhD9Wy5hop_p9JKmA_bUdbveyzAYPBjQdsrJ_L0VvJcOMT2vybQWuD_qhh_lgQfeci_RhhoSpDGZ6BAKjzAWzz_ojSSekkjeHbN1r32NTcFoC6WPoISWBj-scLimjXJ5fNInfnsSaMYvJbMYWuxdGov3xRZdMIr3-DT0Bp8tFdqpZYyk3X7uZpk_Bb5gc5lpuI5-LIgOa-QzSISnLEHDNoNew1p0Pdco06V-9uQ80R6veA4-ZLrS6XVud1UTw2wJko4IHd9esj6voAdyqKEqwKr3x8XLel7iuQWIAUVsZ0O96uh21Shw82ynSwaNm7kPMlmpbc-_KAhDi0opOrTGeD4hqvpoTo7JZQB6Dh7MDCoRv7VP5piLGfqxKAw1IEGUUlUni225CG2ckvocQVcAfRwVmAI-FOkC_GjhrU5FjFgWnmJOWYBe_2fh9dushQ7CBXkkONFcSvaN98wqzK_NDt4ZNQIK_s-DkG-x9RxV-gzYyuam3ImtFtlq14NdP_i18oaRydhPBcX3xbtPAXATdggiegpq43ZeWpuSppHCGgPN804xSdYhZXgWD4LiNnxTbxXPSW68TW96xXgOxfZU_XARavBqmC4zmeAAY9mBk3JlHp3GbksLmXE0LxSEjMG_Hm_8SUV-djiuhSjDIMl9lS1M3CKZDmX_7P9ONZXXGNUJViJf0XrALTAGQJpbhxNUqKoSJ3Ejc24uBMklX4OR7WLZt90JCY70zmtXV7-ZGs_ff_6LsMrNHi4kL2QmhJl1UGLgWZ9QcYB33THLF-r1ZnUlORJ0rkgutfND6MRVHXoM4rSzkuIr23nW3XAw6F28rzCJzH_Vq4Fr-2VB7FLFgxvaWeICOnb5-m0JJoMJPdpkubt4bQFAE6NL1xshveR7bnRJTOyAEZbfg0XMXgEQ3aFoicKL3SJ0qF-9mCE8NGPtagsBcVTmP8vwIdCyYO922VgaQQgEEjsALx4X_9Xn435f_tEqxLqzlQjQ8ZzYZ_KGPS8obIgm-75V0Z7FKOr1w3xodVCexMTEdVrqi0fAW9Bg2hgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=20259181566&bidurl=https://randomgenerate.io/cpf-generator&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0j8qcebmfGpnEje59UIA44M
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.239.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-239-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e655d84adabb2f9a6de8bd6784b36ecfe085a4142801acb690342f90bff5f495

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D81B 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 21:06:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D81B 20 KB
9 KB 44ms
38ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:41:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D81B 0
0 49ms
48ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTyqSs5dgRkw-4H5gtZmuhdZ6unUBrvU8ta9OtVy0oxUXk9M85zzPzaTBNoZLATX1zI82juIeiBhxF7qV5AyhpDp3KnNA
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D81B 205 KB
65 KB 248ms
162ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:29 GMT

GET
H2 200 bl-904ac2d-ef0eaa88.js Show response
tagan.adlightning.com/setupad/ Frame CEA6 83 KB
35 KB 65ms
60ms Script
application/javascript 18.65.39.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/bl-904ac2d-ef0eaa88.js
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-47.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 721227e405c71a215ad0281707c7ed0229784fd0d2e140ba275c63af7fe5c9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:28:05 GMT
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-version-id: w_E9DujKBS9QSVix6tjbdP1e7eaZiFKC
x-amz-cf-pop: AMS1-P1
age: 7345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35543
x-amz-meta-git_commit: 904ac2d
last-modified: Mon, 29 Jan 2024 15:21:47 GMT
server: AmazonS3
etag: "9ee11e8091ca70cb87e7a10ed58a8e08"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: FAKXC2DY8tRAchFSbdr3CNC4595RO1jUyp45LQ9fXA9S41Ppt1QGtg==

GET
H2 200 b-935e2f1-22fd8186.js Show response
tagan.adlightning.com/setupad/ Frame CEA6 71 KB
28 KB 83ms
79ms Script
application/javascript 18.65.39.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-47.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 14:25:36 GMT
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-version-id: TSM1sCYCFVBYqK8r2.wgiAybDtOWIo_C
x-amz-cf-pop: AMS1-P1
age: 10206294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27763
x-amz-meta-git_commit: 935e2f1
last-modified: Tue, 03 Oct 2023 14:25:23 GMT
server: AmazonS3
etag: "7164aeb4f3f79e485a778007d9bf2ade"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: li3SIR2z4fB1HqpJWUK8CzweTuph81LjRPM1CPAAGXFp_gAXL9_UIg==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEA6 42 B
63 B 276ms
276ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BRRGH102bJ2b5oXjGEE6agN0k8p8bHKbat4OwEDuI6YrwNOBxpeZ0yuUvrbkNrAuyl3jVN1KcDqNiYtmngMDOMDwhE38FvOubY2RBnBDUHuAYI8aE

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CEA6 89 KB
31 KB 336ms
256ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:29 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1525518/72172419/xbbe/creative/ Frame CEA6 277 KB
82 KB 331ms
210ms Script
application/javascript 3.248.239.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1525518/72172419/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-Au_pS2S7MBI0Kp_EeXTAsumq8GFitrGRKJY2NJKIlpaYfH4C301xT1GbDVqjvGiBlow_m5QmN3lzcK84afd_5UBIMT9hjelfG2jdz71IHCUnRMBQcAMXrmryoyNDhzgV6wMyiZdXLwiUTtyiG0S0NmDITeXXR6IhgAK4L-O1s65nN_KlTJ56EvkhJFh3sjgKRECeweEskUAKAmf-BOWPPBk_LSgKJLoYCFM3f4nOGV8elU_-9Eo3HJWugPaFd_CCdtUYnhI5wyCDZvPzQJ4oy6HKyJJhlDKQfFnBL1GQhEohM5fvI3V1OtHDt7jrWo4YdON1zoasqRYwlEVAx6x4XeWrZtO5cSqdpP6gnrmRCIjg_cfPnYRF5cB1r5_BJ9UoZbLk6m_dpiXQLjHndhgGHOgPIZ_HFBIhi4xvMUjHjmw9_LCJLPBaOlvOcKQq2Ka0ooRG36oXHKuHH26iaOUFvIM0E9UPtjw3UllflSshMeZtQ6Sl7NjgnEpSewqHWCCZK29vVp8iLx_BGmnFK3XQRORoV29luCwsTNgvz8dhWBmB4YB3_3BODsttnuk9VgVtNopyk7VDJVYdncsTn4SF-eCZATtQl_uhvu_JefqdfYEfWWWY5KZL8yVZA_mwLYeJewao7rqa5iixXR0WvZslcvfF6qDz3LZLQmpwMPWl0Lbc00CL3Ut4laD-iAykd20ix20kVbHNc3UYmqjC_yVuO0CQMIWpk-SjpLbaaa7_B_HbtlMjVwK8zeHx7nUVKFtgopJw8K8jbZWPJq7bcpL2ZBn-GJ_4mdFTQUEFfwZXPoZmQzbndmthuxj2p1vwnJOxpC8WkVf6w5y5f9iYnkStbNH-EYkDOJZ97KqTn38VOxmWH1zkfWnjSbeiU1CnehnWe1vs5YYGmJxTRcBVSXtnnhdwdC8uUnlcnIQ27CSuxHUmhuMXe2ybuVdP83r2-wmEO0WFzaFBSF_EhtWFEw3JlE6MLrsJdFAIjOklw2D3bRHpaKRVfRMw4_fFcHSl6Lbm2e5mkWPJ3_Jwv82XTKb7G9IVSL6tgKhYNpE2ggJ9s5iZg1SAOQji2A7ffnemfDuTAzPqZiF97otEY7KvC4yo86Jt9oeV36qC3ptJOyUtI7Z9nLq30pyRH429WTYWnWxyW7iuT_ken9pl5p9bPwgyf6J3WX6SnGmbUlmKL8b3HnnY4VRHtG0Zuo5_RPxF5cUsFFl3iGrXnL5Z-ksXzn5cSOQEd04yQmySglS-2jzPgMizpW5xY30EuFiZyGubLE_CGEmE9zBa0n3gOvN7I_0F2XrJ9hg-dfa0uNPzIiggLhfh1kPktdAZXCzipjpz_LrabtRs3r6jmbJut1jbNBxgLAMk90zai2QyDbESBSr3tJTl6-aEzZdE9ZzLKqO3xjYyn27sFOKVMRijd9soXmnn1vFDNsF48isajA5lR05LEYb34y0rfejtuKs1egdIIkp-f2rbPVmeVF37mZuzihF2VoLoJknjOZo2A95SQaKOWfdSfjYmz0bmRdNN2f3m_DWJkopClq1_3kVKJVNTSnWz0LlgdoJVRDOXYeDSGzw5nRbG9-ZySiA1sHe5Mo78chaeUwxkiBK2Fz1Ak_2dOW-GR_U0Q2keor0AmMb15dG2gfXBdYGU0dWVDsEcCgp3Aj4hqzxH1j0z6XZlir0oqNonDLfzWycNuaXHcoQJDDQw_WNlgSiM8uxkgbrixPpb3HsGne7sWHkHZ_xisCNelJlxSkfm3R4sF9VfY7OeM9nTjxlXrQEdFPU8RDS_eRcaDvcuh0O4nSgmlktodMef7fb0uJQn-qng33vLp3NwSq8aihz4_byDO10wDEUXiYLhbi1LGpDZWJbG-aJljmA45Be8R0rujZJcmEPr_9msrNGBndnkvDsWjS8qhQE1fe0-tMz0seUOqNGg5_hRO8JuQPcz-zQDG53eVtyM0yDyHjBUkl8sIevZBRCQeGAeMTlaJxrf_eO6PWYyfbbvHWHrn2awqVOvFYEt28BkdlKxib0VSFQ4g_Fpude4NtNlMnyiUbfOGCMqvxRhREM-qtbbwJOZig_u11020BNmhLWvwPuh9pJMEmbJHsH6Wd0KLKU6I_QIH85mFYuWri86SC7fyOYhSB4CfISYp3v6x_TALwiv6pb62Sxvxwzpyvt5Fl9KuoORUVsE2wpCbkEUNEI7ZARrXFO70BgP6-cQtsnXlk6p1mTci23nEYKzWOY2ESFsQLRdHDmc-NcgTxPZR0cBx8owzG45REg70koMJe9m-C8blaPeRUNHZlbd3bCvV7hh-O9euq3SDvI0CWI1tnNyNKGo2PgsWW_PIKev2j2kHkix5OjAG3sSadZ5yHNO-OOaLC1rXZsKaxwPs3yYa157cDNr3AmL3lLOPw3pIS2hp8cZzLwx1MLs3J5T4aZCromuPlA9-LeMb2dqliDFLxzsVwoKLM9oAL48pH0cT6-71-LBCucrThfie5GuM8hRDv69TkwM0vFQ9fn5fVjyeuk1NQw1qORDEYy61-3WETqA9EcugzzApNwceraWNY8FU_RiTHh2mWJxXksrxwDIJTFm8RKLUQgEQKEFIAZngb0IMEHqqeYBjt4JDg79OjOIk1rxThy2ikP28PbhFnE5DYXbWvd6tT3nR5VO5gBWqScMPOYdOb3lsnsEXwoU7Ya-32cwq5nNtRb2OigrIhFUHfuvWzX5kHYlEO9OcfrBa-zACPXHMNSqABCi3AMdpxdrvnGoq3FLDvdjMCqxyhNUvTQok26_VP1xZZMsSefotnO760yXE_kjrRujNeTt8fGV-PRM8o2QXOSonKVX4kJVMOx-On1O5qh1K6TCib0FL6OnY2Tp5LNssNU-IPYLuWihzeUoT1SeczNlTf5QALFelWH17uRTd4Q46FiIlHu0zF9UD7dzBZM60OWixLpDX8RoWdJsnfnrl9Ls52cBnKYrmzQoCABcXjCYiRmZFSD_hR2wpkh-YJ_7m5wcG2tHCBT_y9ArCfdoBANOyZ0_ZdATiKjOEiOTjYuEWY1_0cYtzp_XtcItldaNns-eqcsMxb7whXvLhj0AyXMNJ2bkxCMgVOgHty-Zuto7WEhDI_P_jnKzdQX5rD0ma9FqPiaU4rZEOdJabT4UZjNP-eGelpP6_0brume23aPezv-_qWfvaW608N2ZfY8KZGiZD6STeMGd8yFBym5HDFOCoDf67E2VCRQHN-3PcJn4v44hUxLK6k4ZiBh5YHQ_MjlAmytiOm_N2EmFb_pqQSZ3HBeSlSnEtoNZXYg5nuh1R0Talu_BWrNKGuw9RfGAjdjhrUgN7upgNTk2YcaeGggTsRMUWeq-S9-waq8yg2E7MtUxpgl5ci-J5s_BFkdjHla4fTVkgZGsKDrg7oSJ0ZC0wAX9rBVPMKx3R8dGJQkS3KDWB4ly3RUBc9JlGxAZ2sQzAp9uoe0sdTshOpRwv60O8zCM4hc90l97xJppkDc-U3dKHrs9VIZHlYt7529nZIUgzeHNRTSFP-f_pv2jZdI1-YP2u65Z_yKxG0Nd_sJl90L5bCE75yfyQWuAEB6NJMeGi5qLo4uITpwaLEYttX7m-X5BSH40-mew4lF1CWrOrF2uRBQ382zuSeF0tHMup0gnVHS1XE6fCso4etzjY1orTHi2UdfKJnjimmuuwykmm_UUD9GHlUGgltDloSqriWgOkU_bHBs8jLuegZ8FEaQQgEEjsALx4X_ykPXm0GGJk0k7RWDGIr2G6H-cbDCCiw20Nv8kF_3W0nCVspQr4ahEIM9zctteiX84KTVMrOdhgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=20259181566&bidurl=https://randomgenerate.io/cpf-generator&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hsa905jyWxz5hmM7O_PndF
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.239.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-239-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d3eabd63d0cad1555c13f18ca673589a6e6bdfea173a94f7b054cc1ec9940b76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame CEA6 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 21:06:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame CEA6 20 KB
8 KB 49ms
45ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:41:57 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEA6 205 KB
65 KB 134ms
48ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:29 GMT

GET
H2 200 bl-904ac2d-ef0eaa88.js Show response
tagan.adlightning.com/setupad/ Frame 6774 83 KB
35 KB 92ms
88ms Script
application/javascript 18.65.39.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/bl-904ac2d-ef0eaa88.js
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-47.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 721227e405c71a215ad0281707c7ed0229784fd0d2e140ba275c63af7fe5c9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:28:05 GMT
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-version-id: w_E9DujKBS9QSVix6tjbdP1e7eaZiFKC
x-amz-cf-pop: AMS1-P1
age: 7345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35543
x-amz-meta-git_commit: 904ac2d
last-modified: Mon, 29 Jan 2024 15:21:47 GMT
server: AmazonS3
etag: "9ee11e8091ca70cb87e7a10ed58a8e08"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: yOGFj-NzEHK4Ui0Lqr6pCEjtD3haPniwejTesB1uxm3jHjSV1f08VA==

GET
H2 200 b-935e2f1-22fd8186.js Show response
tagan.adlightning.com/setupad/ Frame 6774 71 KB
28 KB 103ms
99ms Script
application/javascript 18.65.39.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-47.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 14:25:36 GMT
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-version-id: TSM1sCYCFVBYqK8r2.wgiAybDtOWIo_C
x-amz-cf-pop: AMS1-P1
age: 10206294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27763
x-amz-meta-git_commit: 935e2f1
last-modified: Tue, 03 Oct 2023 14:25:23 GMT
server: AmazonS3
etag: "7164aeb4f3f79e485a778007d9bf2ade"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 5p3hoi15Q1jXI8il2QkcV4odOQvLMoFBe1BCtrrsw_nA0OVdkgxGSA==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6774 42 B
63 B 267ms
266ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AMBCCcIPC3QPKOfU7RfeETJpidQN2hykhJhgCz4pLKxnxgaNSfidBfdehn6dD7afnwp6z8YwiZZhgkm5DKGJdP_et3Zoh27YX-jD2yD-p9lJoHFTc

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6774 89 KB
31 KB 376ms
297ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:29 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1525518/72172419/xbbe/creative/ Frame 6774 278 KB
82 KB 179ms
60ms Script
application/javascript 3.248.239.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1525518/72172419/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-CHnW4tRvN7xrlrsJWzW5o_9lyYQVWwzt6ZWZRLsqkkGE42KH8l0FvPdqvwEL_owQD8z8ahMbyXEevFxYeiuJH_OEXp14GYAcl7VN3Y1ueb1BElDKS2J591-Wd91apaMe1dTVUBcHBmgaa5l67kETvyofQGb63cfXs4EeRMrkU9fEpSbm4metaH8b9tI5jdFQZWy_buEtkUAKAmf-A40QHaEsHyRFmCKAIDVuEGZ-z_20v7sKqd4k3Bvd_PclE21c8RMKf6_tV3v_jPoCHAGBMULuAsKoQehcPq5RzFUseWlh1eS4cUDaH3lEno4PQjzthOXq7jPisCm4alcet_CmnD_BfYceJGPDjgPNYsWulEY9Bc57m3hMxxlZIokNJbhautg6dW1xmp6IQN7Dznkt0bn5KhwiVd_FboSJROBuvqAckRql1OijZG29s5o81fX8hmM8pferHag5KK5zra1pLN6hNiO4ynShVWj8pPkm8pIluHPyP3WFW9gZqszKQqOr3IBVofLeFNsGx2TbEUsF-eIptwa-pdP8PSW4YzdKsH6XsfRMuQvsJELNt33F3Eh8vkfq495P6eui71fwuJ79EfMMDW9rOXB7kmxSQY7VGtQqkSvro4TOwwtKoK-zrIvDSPxiLqPZ_O29sSMVUM8FPrQotVqPCdG8bgxl8LxR2FN3USVYZrmyQjqUzeN-P49TAlycWislB0CQhiqdxHrNn0EiptBJkgFG2Lh-j4VwtjlN6VhYUFVAHby9x6m4Kt_a4sykySdS4A_lCJuZW6vyxjYohzdd6pbl6NuHBCfUJWdacXp5b90ly3PUHG2RDPL7-5LcVte9sFXyymwuded8ceextKucmKmAAfc1iIK_pQMWMBt6dONoSEg2WshXWFZvi-bcu9F3_fWQABFY7hl4rAzo2g5p0jU7h35yh-7kyEHeIuLaqtPcQ3OFlAnx4NKdf0YSAgbQVJ2J4iU6bTrLZVf9iY48Ry4iyRaugbMqIH4EEVpKOscvtDqz5QfjopSu27XbqCorSNmBjwo-GGKHiohdl2EZgXdArB7og6UMeAtIcF-R59kJPcY4ZB0CXCwZ5ifIUyOedTaN22s4YYivKfqtvF3R3sxkZNSejbEIGc3dbXgLoASXwkO2zA7gjJDkyZl97ZTqWZL9SuwmIjDPKX0PkTCAGIZwergOML1uY6MC3xjiD_z2tKrmp_kbIfyZfGF_tVPoGYQWZn4ER39iPD_WsIogSonFFo-0tZqwVMIbLpP4DwPnDrOlHaF0mZsHwqBtOkDWvP8bzyHPWSKikSa2-iAYR1sA1U1fLARj_KmaZ0sFOZPakahGw9CdRqsxGZywXdO954IL0Rr2ue554I0TIpsSrrg_oSchQ9Ur0u-_wbCcmQXcWhxhbhbAWtc4jZzZQi_CKC9zncq1LGQcUwL9axz262a7IFC3ZmrL4EA4t71y4-JuKgCDPZXr8dqAhhKp0-6QtxLCk6RCRLgtqzzdWc7XDR57-FLy0jYNNxwj3RSMZsQ6UT-OHg7Pp1F6cAde2ReQ3Zkotf-20gViqUeYDRXsVcuNZwrwXrqY14hjP21GgJb2Ny5dXGjXhYI7ZnY5TIvniioW6H3c0q8qCCHsBKFujy_V-fRJ16ipD5EK8PjSD-cHPphdsVl0vdmmhbb1dVNNaJKmb4HkmL-E6jQ3UV1ETXjWikhCn_jetgYh102dqeSyLD5v8LG1UKRSp6JnAPE3sq8Whgo32iechi9SLvayVlzEupPXSakwhZNZqsKuEylP4A0dbcpTyXfHT5l929_TwS0xZN_tRewYDE2hlLTwAcP4ygsq_o_mP9LWXCMkFdA8mcytySc1sZ39ymW3Yh3j-lriLe2enlfogXZDwZnMfo_d6Uph8_z9Q2HC2rhNoj8RoweIktThVapIcRSpEqq4gStUOkZyYuJ1xks6kOeCrh6hn7-JqZzA-lzdlUqkbNlZUyJZEH3Ao1xu4B6bu3qDj3aGcaYio9EKi1-WfQOu9DAfsgKYFWHVrv7Np_CO78ub5wqEgsX-8F5pCkydYGwL7FA3jFRDIk4r8C8cpfE9CFfOhcvlzv562zPpKyMZUxjUHr7s2FBIz94U_lYd94mYp0Hu1TIUUZMfF9WTTVyCZZzQ3dGLiYPu5lAyc8JEdC1SCq4Z-YDXtjhEA_t8Gz568hYRoDnrUqcet6O6cfbaYn61xvQYJrfBllrc_SU61HJLvWFO8mx-ZybeVPc8FvqrNnq3jJoRzIMB4WDfH3I92nVdycamZsf2O571RHc8N8it7AYIx4Jpc6m0xBJb79ogZ4gpAvcQbcZUA0bbx94YhLLViYe_UoGqxW-8P8fDEPew-GW2Tsq-TXhZ77YPaydn8CGTfiTiho2TweAMH_K24HDRuq-5Mpxl_HnHCc0nSWXWxqMarLKTsrAdf_ECeMVfRV0n5qhIy53cvfLbQLGoyopP7FZjhbfVJahOJHVv4hANTsxNdTQCJYn6Q0St7DJrUunCcbmxKH4FatxsEbV9ni2Bj2ksC1hz4i60krKylvy-NvRJycGtySN8E8BxPgKZ74URctGkVQcAQVo_TCYaZOSdiKKC-jmuTV2wBzJZcM_l_4f3_6qKvrvZNy1TMxOXhTiVXqfq9YsOoI0eOVAUtuj929TDG3B3BsXgtpfCqA1VHS8LmLuN5iOzmeVil_AXwi5FyNtnZax8ysLX6wEsQ9b6s38myOa5WgALlSBdGKiHSxSj_qwqSUvkvg3S2DQl1qRFeAoJhm4P5-Yc7seqhxgpBsC4_gihfKMtams6ucs5o0JQyut1e-Yiyo-7QSrz1gQL0VlQN81tvPf0_butGiHL7DK_PEmlc_b30d8-hpISsxusR46UypCpKeqlqW39kpsqBM4Eqw-JfbYyA7QxQAwjLQau56vs01FO3b8Gvw3q_OhXZ9DARq1LkBc3-moIzqNmH5Qk5FxAGUDzZMZWXGECQSbu6jbIU5kBH1QYWNkoXINoEllbBve-j_MlNtL3O1MlhLvgVaD3v-6qaSNf5JrBzHJfO1-CPrNiIOe3TPebfJ5vqqWgu9XSKd17o7I8DWkUVWMiWCAipjbY8-QtSum6sX0-GFdLzjWPmep3KCVAYQgd1DLE5tbIpdX-bMJprhGCAJOm9Qu1AXZIbUR3YqFIg3_FRhEtPXYCnF3RYrDWHz8ihiT1FMhqW-Ks--mZPLIHWUNKld1W7HCk_BMJ2KwRytL2PZtDFlJVYT9HxHn9uPtapq3inlMaQisgjFNHxewJmVBaBRAQKniVF8dnBs1uIBafYZwSQrbYkguE0hnnoHOjZzu5Rv0Db_3Spxv36R7c0YZStrYof2mER_WmZn7VJ2WkDCry3tJX3XPii162xUu79fZ-w3gDYnUGW89NfNpWEfQqlCEJdMYeF2Kyn4KqDclmvqHyjpAWEQQDAOK5qoZpxi5ddkEYaQH2fhLlJAYs6MLIs0jVBtV4SCLT2iNnGUBP7dho8255gfIgr-TImhCp0CteTGea2VIMnRlriqOli17SKSm-90sf9wV4qVyIp1PtdISdd4LFW9EJznQ7BGhCpaOJ6reQlpYzGgj2fctDn4vJZS4tnIen8X-pl7bnxVnEVwrXQkYRdKB8D-buodRoNVDrja-2OiXnrazNB0K-l9l7zsk2nmy79Kou0WzNYzox7GG4E0-2Fb51MKm7G0tG1av4vgDlXm5T_BZ8GKf8h858C5sGR0GkEIBBI7AC8eF_8pD15tBhiZNJO0VgxiK9huh_nGwwgosNtDb_JBf91tJwlbKUK-GoRCDPc3LbXol_OCk1TKznYYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=20259181566&bidurl=https://randomgenerate.io/cpf-generator&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jwHMlOfo9NCMXeXjyXr71t
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.239.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-239-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6b71d498c7e1ab2e9c66252ac7c07c73dc23bf2444bd03dc7a221f42348095ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 6774 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 21:06:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 6774 20 KB
8 KB 57ms
53ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:41:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6774 0
0 47ms
47ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSciiS35g29ZccUuEt0Kj1zjG6ZzepCcSnCoi-Hsh1qYGdlqY2-l5OW3YAUDhAKgOAU9AwW53W2MNyZkxObW3TXFPentA
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6774 205 KB
65 KB 223ms
138ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:29 GMT

GET
H2 200 bl-904ac2d-ef0eaa88.js Show response
tagan.adlightning.com/setupad/ Frame 614E 83 KB
35 KB 108ms
106ms Script
application/javascript 18.65.39.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/bl-904ac2d-ef0eaa88.js
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-47.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 721227e405c71a215ad0281707c7ed0229784fd0d2e140ba275c63af7fe5c9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:28:05 GMT
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-version-id: w_E9DujKBS9QSVix6tjbdP1e7eaZiFKC
x-amz-cf-pop: AMS1-P1
age: 7345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35543
x-amz-meta-git_commit: 904ac2d
last-modified: Mon, 29 Jan 2024 15:21:47 GMT
server: AmazonS3
etag: "9ee11e8091ca70cb87e7a10ed58a8e08"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -r7eqA21YQrMRBAFprUTJyn8N-XfM4imMlQmuvVuAnfGjVT3lA5cVQ==

GET
H2 200 b-935e2f1-22fd8186.js Show response
tagan.adlightning.com/setupad/ Frame 614E 71 KB
28 KB 115ms
114ms Script
application/javascript 18.65.39.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-47.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 14:25:36 GMT
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-version-id: TSM1sCYCFVBYqK8r2.wgiAybDtOWIo_C
x-amz-cf-pop: AMS1-P1
age: 10206294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27763
x-amz-meta-git_commit: 935e2f1
last-modified: Tue, 03 Oct 2023 14:25:23 GMT
server: AmazonS3
etag: "7164aeb4f3f79e485a778007d9bf2ade"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Og4H-dXJu7W31YQMJpcSICywcP3PsxWmEW1XL--2vLJGBDk4hDTm5g==

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 614E 42 B
63 B 268ms
268ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A0fqj-lcdh3nbwt8dAzR4rROwR30KDuIUXIYHvhpHzqVdckYLjA3YkWxrAhkdqsKkZAdDLXp_NcCaOtjKeM6xGvzC0R2H-1-TryeUujy9XWbtukSk

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 614E 89 KB
31 KB 271ms
195ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:29 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1525518/72172425/xbbe/creative/ Frame 614E 278 KB
82 KB 327ms
210ms Script
application/javascript 3.248.239.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1525518/72172425/xbbe/creative/adj?p=APEucNXE1pRH3d4z9SQfyt3Tualq7ton8E3368i9psL07nZ-FVH_EtQ&d=CpkBAKAmf-CKqo9LYHemr-BHjPAvlWnmA_IkMH8Zgwms2n58U78QOIzCtCcFtCJozwQ7bWck3HnZVT7YRsOyGKiP86yxuFy0Re6Leh66UCfe17JeFar7yB02R88vBloSG7ZnSyckij2mvpQWTKGXldjw87JBg3kcs12vypj3ZDoTpXi_AZWgezdRcp4MZOf0ABfMm5zY-6ibokg3EtkUAKAmf-AGNPKqnJ6SmXrVRUmkEUFKsdV7ypJOlr7q93Ic6jCxLS3ZB5WyVsTIYWYoX1mOzcxdUXTSftH3gMO3mGg52BbTnkQH7QfP3MjTGu5B0KOQbe1jsLGsaIdXGBZa4BeP7ARWdzCWc-26RArjqcCGfB0WMA1mvuDEt5Ic2RBBzNAXOOlgLfJK4HKiPkbCHmlmL34F09Y_41itLjItBgi1lvudqCwDrL5tF7fKSyJUDdWhgOCoXF7K29sG65b_a6NHTL3FoAFG9iS3d-Bk0J4t2lUsHSJ-cyquXVD-ETf2hvz3VDPXeVWpyrYkC1cwxfobaxmvmmdtNUY6FLLk9VYgnIkNG_T4ku676mgVDLxHmy-tOJQcGYhORB_FWa9HvsrbwVuGlR3ZiGVn2y0bbVU1RMLsLlON8f7GFdAu3sMmnm_zYRMdMF9eOc-StrYhZ-E-KkvIrmlQTOyguAmA2CASFC1aIAn1k3amBG-Z2SUUwgVhBjby1VQe-eZJoQQddzVa4FQIElQ3pPhGcSw0L0RO0IMUcupCdEDdU0PZwQOmFnLXx7QItad7jXD4PV5dDpKbqxfNXgLN94FCq9zjucuM14l7dGVPxMxYyiTgmMg7Jo55Xv5LJioaH6X5uQPXQHBw-IZrTuqMcEplk3Ua-meyA2svNU0u-cF8BSG6grre-Hs_RqaOaFrtuGUUUi8gGQVg_32hZJoAyGxhEk8Hmrl0aD1y0niTtZY7JnjI59-GvguMMyEcTgMR3HInA7M96Snxbvadw6XwS2EphFzzbpuqYVthBpX9J8Kp3Hyx2eNFJ3lGzwuGrkzkzkQluKDfbIrKgzb1rGHvZGZ91StKdqfmn7Yj7eri-up12QtkClT1SfhZ_wpDF79DCuNleQcAD61T2djoLerbuTtyryWasNrT-tQCQXc9CgeC7Mlf_UUR4x5KpP-2zFONxtHVD-jO2W6-0JPdNPnCOf1nk2ubcp8VUzScZAIsLoFT6nTCiQZ9mFyNbJovSjg-F5QZeB_51_1YN9VT0w3cLm6af1ebV947X3HjAIBUxf49QiaYl9bcEm_-dZdkoev6A8u0W-qdH3Mw1zkIUWoltKi2a1p0IvDxmKGZX2ktcCYia2CIxUF22e4XKY1Axp83mrG6YsjSl-eCkJ-GuIHrXsYan757QXlmGqD8LvXDCjJfstNRboLa9ubGNs7DyRRHL2AUmaiHHtnyLemyaFnQqnrDunkKpoHJ6XgG-P7yK3IF8wshdvuetGmszs6TLCEEenPK6OKgNID0VX5fu3RGmSWpEg4DBkyXfXOTFIVt4mWMQoU6UkffuPlouS-969oCa5v1_gEhNBgLASR77DFboEmyGs79M1IUKznKTu9rCS3YUkgPrxTyMWYvK65giouRv3sRYiqZVhkB9-pGXg6sww8IwVyFrCgiy5wwb4kNNI7DXvaMTOh4F9kXHiIvtHgAfkK1L6pXoNp3v03Rctw6inErikh5s8sO4kgo34fdREHBGBJ9C8PFJq_awv6XFobQzRiU0yJtro751jOE6rvcwC38BjV4lLy4AnvD50Q9Ah0-Fpqg234MSgh0GfJMHf3tdQ4Y-rZIL-Hl2-nUBjKgguiLTNI_EMnPr69zso43wvKZBJH895SXpi5kEkelVsOdWLq0Sbz53EJ-kr2fzq9VBLON_cw7SinRYVi3G0yVtG3kdBylss7HF48YmWxGBUIX7ZSY7YURkLGLrnvoZpgZhUlWRQE4UFrEGTghsDL6QJBeAAQAzMZsgNEuRF5ZOF1SwywBNA1IHYeWHCsHLz110Dk2XvuoMNdmAhd1wTcOT3hl0t7xAi8Upia-BtH9sb5RHmOXad4kGrSogSmmmSN05Brb0oHdI5y045xdqujiz_rVAUPlGTknJEnIUj-xf6X9KXdc_XBA1P3tmKURZxdW5YJTaYcNZs3eib58a8aDA7fDTGmA6Tk18Fqm_ZITLg0GcGKhCXIuvC2aV2Yvjzj5C4BiFLXvvVvDxiNSGAje8GanmG-3dXvidkYyzTnSYHiDSQTZEVsfIBAHpVOSgpKefrZD_4hoW3OpDCmBWegyn9qdnsadoHRftEiYkv2uC6Dg1ejnfshokhm3TBJNs_MidWWW04kBhxWur7C96F-KdeSlCUXOZHzUgZ8FYvV3WBxJbxSmy9QlVwIhNzLq4vifUCguMGAYTcltR46yCbUfJMAXNCDPOC_UN3G329za8vTwHD51z7cpLS1QrUv5VcSNXTdCIRUrvEIGQRcT3Y_p8HVW7dNN86oePoEhoHcdaOHxTIwJh60XzqJ8XwAtdfJfZur2nq3s_mA3VNQ2BKwzhY3c8z_Eo2uTU3LfYp_FEWcGokEECNBnOsAibpT549qhWeFh7BzhrzByw4rK5Wt88J7Tki66XGN7cnfjI038wWC_DUw-snlK_ycDwIsQNp9ebXlj4HhJ3-o4hVFzx92zG7kbnsQHLyILE8lmnVcT6Acm-6CHMGh0uZ75WILb8BM0YiApWLLSTI3dIrC31a9IPZUYUEWyQBfvhjRLxNBQ1GW3wpSA5FdNC0BRMmeKa8xWBJ0PGIImQdhi2z92GZ8xMplzZ3WGEecg5CpMjUQ3--vhuLGpxDDyg9QCF1u5OFfJAlL9HbE-znMwPb8Dn1iu3ErWwGhy-XLhV3yfw94tExF10KWRjNOK8T8q9xuNEvSQm-Cb70QgSsTogEhc3hHw5J2IB_BJqXTbIpiU62GuXvPCULc6QgoGzp9u0y7fmVXVjh3Mw97L8sHeCskdn_LaMNQpm2M1pvxYMu4k66R7NGP2acGqMlksVo1tU8I6nZKZYrTXb91v1AXBfiZLU-F7MHkdIvZFy2IakEn1guhqFO56768MQsZqMY4YNEFuebarNOscAP92E3NU-yGbZAbPM2S_M1cBelC-hletLSFBipJlmBs-vWz_nURV-vZ3gsRGk9dNuREPtew7fH8_PNDMvlb_kkP-QoQPO2hd18qOM1g5FKz6q-bjQrXaslHNWmdDWthJbZWyf9i6tM5Kw51rLc1ZyhE7r4SnoD3jLFdGZucWVttHaYcMf0LqlN9AxZVFTW5KLgl_GTz0yH400H99u-xJSI05l2sjPl0p-dG4ZBQAjvXyZ6ngX3nqbDB3FqfAwEvW7VkymPFws1fdd58m5307jtRdZ3XINa_iawLd8thMOzCbX1TGGMB615_z7867LGhJEeqELkh0uYXjKS6xs-CGfanTJtU-IpBRCvxS1Pm-5EtpvoB8DG4QAnGBGKaHkMrrpAbPoMo7OLP9s2YcCGs_kcgW2xFslQ_fu_XZ4rW4vQ-yG22mBh5edd4v4z3s9MM4hr6CnShl3Ym1RSpqlS-BQnKW73Xr6pEks599wLM0FCCNV-HG6iwpFbtxeVIepNxAU9FK4PlnEvzaUYdGIzwADlh-vOvt6Y8njRe9LLl9uJOlo0SR5qalt4LUl0kohrVCXy7y2SkL2I_Usk-yh6kwz1o5RaPfugu17kFgxxrwJG_x-VPBCvgI09ms2aEsGkEIBBI7AC8eF_8pD15tBhiZNJO0VgxiK9huh_nGwwgosNtDb_JBf91tJwlbKUK-GoRCDPc3LbXol_OCk1TKznYYAWAB&cry=1&bundleId=&ias_dspID=3&ias_campId=1013352973&ias_pubId=pub-7383171830614216&ias_chanId=1&ias_placementId=20259181566&bidurl=https://randomgenerate.io/cpf-generator&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0ioPmDR8RWXgHo1ySzGRWxr
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.239.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-239-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6e2b532291948181cec6860bbf9266f51102fe73fcfd52222db4d91d748618ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 614E 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 21:06:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 614E 20 KB
8 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:41:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 614E 0
0 48ms
48ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaStxTy4SMxInJ7gNgWFO6YFDukQBXVkhWw77asfYOpyCe_4FJhtkepo97hc2sVOXQgIHtxY46uO8IZX3cgGMQj3ksfbrg
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 614E 205 KB
65 KB 201ms
119ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:29 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6F96 13 KB
5 KB 76ms
75ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 13:10:24 GMT
expires: Tue, 28 Jan 2025 13:10:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 26CA 829 B
1 KB 133ms
48ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81ab19fc750d70f1f84fb527e8234c4174fbe5c8a061320787b2d87be9be20fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WHGAPT4MtnsMMjvLB5A_Qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WHGAPT4MtnsMMjvLB5A_Qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:29 GMT
expires: Mon, 29 Jan 2024 17:30:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 bl-904ac2d-ef0eaa88.js Show response
tagan.adlightning.com/setupad/ Frame 6EAC 83 KB
35 KB 101ms
101ms Script
application/javascript 18.65.39.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/bl-904ac2d-ef0eaa88.js
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-47.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 721227e405c71a215ad0281707c7ed0229784fd0d2e140ba275c63af7fe5c9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:28:05 GMT
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-version-id: w_E9DujKBS9QSVix6tjbdP1e7eaZiFKC
x-amz-cf-pop: AMS1-P1
age: 7345
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35543
x-amz-meta-git_commit: 904ac2d
last-modified: Mon, 29 Jan 2024 15:21:47 GMT
server: AmazonS3
etag: "9ee11e8091ca70cb87e7a10ed58a8e08"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: nwazSvv6lZia6I16XkppKV5r2_IvvhiPw-mhECaYQBI8OFoWtNlLFQ==

GET
H2 200 b-935e2f1-22fd8186.js Show response
tagan.adlightning.com/setupad/ Frame 6EAC 71 KB
28 KB 105ms
104ms Script
application/javascript 18.65.39.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-47.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 14:25:36 GMT
content-encoding: gzip
via: 1.1 2f7b5be8899520ed019685dc425dc306.cloudfront.net (CloudFront)
x-amz-version-id: TSM1sCYCFVBYqK8r2.wgiAybDtOWIo_C
x-amz-cf-pop: AMS1-P1
age: 10206294
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 27763
x-amz-meta-git_commit: 935e2f1
last-modified: Tue, 03 Oct 2023 14:25:23 GMT
server: AmazonS3
etag: "7164aeb4f3f79e485a778007d9bf2ade"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: VT3oqAPNeehPKYuuCakXUUifu_wpy_44yLp7TEF58ooHvlN0RtchaA==

GET
H2 200 css2
fonts.googleapis.com/ Frame 6EAC 4 KB
767 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:41:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 17:30:29 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6EAC 205 B
650 B 127ms
41ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:14:30 GMT
x-content-type-options: nosniff
age: 29759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 28 Jan 2025 09:14:30 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6EAC 604 B
695 B 116ms
42ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 14:09:46 GMT
x-content-type-options: nosniff
age: 12043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 28 Jan 2025 14:09:46 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 6EAC 22 KB
9 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9462
x-xss-protection: 0
server: cafe
etag: 4236850132385514013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:31:16 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EADE 468 B
534 B 166ms
78ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNV1TMzhAr_SyD3tJjsCcm6gavn_Qne8HpBmK4MVsXxp3TdcNiviDsuwax4cmKc8aw9AC_05Dy5NQPo_WVr-h5uZYZjK5D_x97wq24KeFoQvjR9XgCK5cLouH3fYFvWmL7GDQRurxMLkja-scHkO2mtT6Aidl7EF_iAbugLidfPTPr36zgeLpBYMxk5KqbuUyFbtYNnVYu4-9o-ZiFJ2wcnpmYzxEA

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a81c00b02e9a797e6e8cfce706577e8eb14c66fc4ab38ed71f09508d9222c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 178
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1B75 468 B
241 B 78ms
78ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNVvEs7N1us4npJPwEDwmGg9CuQJ6HNXptsRgsMTJJZuGhs2IppLdbACUCEf92ODEefuJ1fiP7SZLYlsH2VIz70OifSmF8mem-T3ZVr6lhYgrX8lzV4R2uoygL5AQ6OjPmEIWm3kiOFS14t1s6b8NnxqsQIBhBKYoWh4vnqRHXbZC_MNgyxHioQ70FvHb733NIGgzXRa2XaGnPLdwNqUH9HsAGkhKw

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a81c00b02e9a797e6e8cfce706577e8eb14c66fc4ab38ed71f09508d9222c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 178
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame EADE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESECdpfjlAMAIOHzovsp6SR4Q&google_cver=1

43 B
398 B

167ms
53ms

Image
image/gif

2001:678:cb4:bbbb::13
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESECdpfjlAMAIOHzovsp6SR4Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNV1TMzhAr_SyD3tJjsCcm6gavn_Qne8HpBmK4MVsXxp3TdcNiviDsuwax4cmKc8aw9AC_05Dy5NQPo_WVr-h5uZYZjK5D_x97wq24KeFoQvjR9XgCK5cLouH3fYFvWmL7GDQRurxMLkja-scHkO2mtT6Aidl7EF_iAbugLidfPTPr36zgeLpBYMxk5KqbuUyFbtYNnVYu4-9o-ZiFJ2wcnpmYzxEA
Protocol: H2
Server: 2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESECdpfjlAMAIOHzovsp6SR4Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame EADE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1&C=1

43 B
338 B

106ms
106ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNV1TMzhAr_SyD3tJjsCcm6gavn_Qne8HpBmK4MVsXxp3TdcNiviDsuwax4cmKc8aw9AC_05Dy5NQPo_WVr-h5uZYZjK5D_x97wq24KeFoQvjR9XgCK5cLouH3fYFvWmL7GDQRurxMLkja-scHkO2mtT6Aidl7EF_iAbugLidfPTPr36zgeLpBYMxk5KqbuUyFbtYNnVYu4-9o-ZiFJ2wcnpmYzxEA
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mho4hYmhHNASoywZ2iWYOd9GD3qlRxt9SCIO0g5Zo5wv8SWYDRZl2cmZH02pjaegFoijolQXHQBgMirAPGe9PVyXfRoBZGo%2FuSqk3xjFRb%2F25USdrqYu0ULdUxVwbG4E%2F7%2BAdY843tfnFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d33410cfd0266d-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nugTwiDu9reLKTy8HoFh22beMT1wN7hH2EjBszNYwh00oEt9zZaxhHz%2Bv7oQDQZiin2InOhsozwSL6vIM304fadMUUUrlYbZaUnaz1AuZrJV1GFxPCuhdFiYLKgBQ6ODGlSo9Q0cCDSWFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1&C=1
cache-control: no-cache
cf-ray: 84d334102ece266d-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EADE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbfgtSybyfxkNErkAKZKfwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1

43 B
772 B

119ms
119ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNV1TMzhAr_SyD3tJjsCcm6gavn_Qne8HpBmK4MVsXxp3TdcNiviDsuwax4cmKc8aw9AC_05Dy5NQPo_WVr-h5uZYZjK5D_x97wq24KeFoQvjR9XgCK5cLouH3fYFvWmL7GDQRurxMLkja-scHkO2mtT6Aidl7EF_iAbugLidfPTPr36zgeLpBYMxk5KqbuUyFbtYNnVYu4-9o-ZiFJ2wcnpmYzxEA
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fy%2FR%2Ft5SxzbRKSRzo2amXbCMCIRxWLFm1Au5xPH72KO4eqhbodw3Kvg3fJTyVAHtsAARi3KN7fqC3p2TmkkWDraNwjRxN089N2tAW8NmyLRCaSU%2B%2FYOJz5YbDr1W3Fz7awzbN8YCka3BFw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d33411bed42685-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3FDB 611 B
310 B 79ms
78ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNU_CVgwTBwM7FKE8sTdfhyVZ3Goku9Kym83Im_tQDUemDF9Wvw-hxNZ1B8ZlsMAmjwPGKhadZXQpAiWUJwa-AE0Fl_TvbBD8KyDIEmiL_lNakr9C64P0dWp-vYnjBMVQgfAhlzEpgB9mhOp4762swo0C-klPqpRXvouRbDvQA3_0Nx8JhLUPZEfNN3gjsRgSTTCAqWS9FB_sJoUNiXw71I28r3Evg

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame 1B75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESECdpfjlAMAIOHzovsp6SR4Q&google_cver=1

43 B
398 B

169ms
56ms

Image
image/gif

2001:678:cb4:bbbb::13
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESECdpfjlAMAIOHzovsp6SR4Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNVvEs7N1us4npJPwEDwmGg9CuQJ6HNXptsRgsMTJJZuGhs2IppLdbACUCEf92ODEefuJ1fiP7SZLYlsH2VIz70OifSmF8mem-T3ZVr6lhYgrX8lzV4R2uoygL5AQ6OjPmEIWm3kiOFS14t1s6b8NnxqsQIBhBKYoWh4vnqRHXbZC_MNgyxHioQ70FvHb733NIGgzXRa2XaGnPLdwNqUH9HsAGkhKw
Protocol: H2
Server: 2001:678:cb4:bbbb::13 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESECdpfjlAMAIOHzovsp6SR4Q&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 1B75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1&C=1

43 B
330 B

109ms
109ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNVvEs7N1us4npJPwEDwmGg9CuQJ6HNXptsRgsMTJJZuGhs2IppLdbACUCEf92ODEefuJ1fiP7SZLYlsH2VIz70OifSmF8mem-T3ZVr6lhYgrX8lzV4R2uoygL5AQ6OjPmEIWm3kiOFS14t1s6b8NnxqsQIBhBKYoWh4vnqRHXbZC_MNgyxHioQ70FvHb733NIGgzXRa2XaGnPLdwNqUH9HsAGkhKw
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iIH3odcqR0b4WvKt3qYgnmZkUXVg6nC0qoJXkFALXhZl3vd7N5%2F9YymPNG69wtf%2BTMdwUT8kYWXCHrHvsL7zIznN8YtEpHTbQyrImMV%2Bu7NFFw4m%2BoGmmh6X6gu8XNRcO4b1SFDuryPVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d33410dfd5266d-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgfaijkWwctshZNU3cwWp9pkwnFDeKqS0eLAfvLjqeCUWaweSx3%2FsjU1XlpjPauwVDcScFnNRzvoIjqVJenmVISytOajFPpvCxaW8whBqq3JAliOoZwMKSF99SSSST3Yb0X99pG4H70vKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1&C=1
cache-control: no-cache
cf-ray: 84d334102eca266d-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1B75
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbfgtSybyfxkNErkAKZKfwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1

43 B
728 B

185ms
184ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNVvEs7N1us4npJPwEDwmGg9CuQJ6HNXptsRgsMTJJZuGhs2IppLdbACUCEf92ODEefuJ1fiP7SZLYlsH2VIz70OifSmF8mem-T3ZVr6lhYgrX8lzV4R2uoygL5AQ6OjPmEIWm3kiOFS14t1s6b8NnxqsQIBhBKYoWh4vnqRHXbZC_MNgyxHioQ70FvHb733NIGgzXRa2XaGnPLdwNqUH9HsAGkhKw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xofjyu2bKlxsi40DkGAilmaR7ei63VX6baVuk5AvMTt5xdMsp00D%2FJRzcXver5BJXUEVt9YEZuIKibfmeuvpOaek82qeD4yGj50nJoJMtOBcZIoascXLbuu7dsIS5j%2FDiFTIa1O6zzitaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84d33411bed82685-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI8JIbHrkKZgb-30RDWvaFg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4A71 611 B
306 B 78ms
78ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7d6o7gEwAQ&v=APEucNVh56P7O8fj5NefBrxDvSsj1ozwWlfC-OJzzv8dWNcsw2VaXQp91xpIgmLLTAPhdd24ubWOlkFgWwQkGNHxkze7T0YivD8m2ecdc6N0ljb8TjpfyGbiQg8Naq--OJvw1CD7rYCh0bBlOMOksQaYL3WJETRqGsBiffJzuC8dzrWwrnbU6CNf1CRr_yfnG9qwxs_Pn8n8Lz6WgsJn_q7wA2jjeGy5lg

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 614E 0
20 B 286ms
286ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8764681176254&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 614E 0
20 B 308ms
308ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8764681176254&version=m202309260101&ct=76&x=1&cor=1316125485932548400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 614E 16 KB
12 KB 100ms
97ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-COplwzb0TvIOEOVoPZFMJMtkKJ5NrY4Dfl7WQDtSpdqEZdz9mcoX0p31cGRWokhvl0NPsPQNYCESlSRkPuI584yvbgWkqAlYlvY1ZV1ISb7qqIKTZyW2qp9SDntmMI6fakUNEZ6MqeoVq1hyJumTjTC30Dz0-YoPXxcmQe83rIJlA0rWs&cry=1&dbm_d=AKAmf-Bn8TDkGys5KzDI1hlvLH-PRzYMsXuQYs1qcMWTEtq5xRCYQfgqlE-em76s4rdWBOV91vKv1MPGHoFcoHNfkZKyTefu554S_ledgYltnXe99jzLqLZwUvfCnPm3KEVUMJvddAv_WCv6GbYSU5QDywAeSZOiRz1Em_tesKmwEx75mYJJyd7WAWa8jJCHmWofqTUcUt91ke879oEI8k4t5lS7NO_Xd2uT4ZAUwPcoBq1IpLrhy_oovZl4V_9rymUfvfMXLdiQaKGSbCPTZqsxXKiwe8JSavYtz2iELVWfgpaMROeIWaRAk4KMcCbmDXhkvZBbaECAhUSHEtvxeh2qe0O0hnj62a2hVOj_EGEgsclDzrJRB1TC6EEMo8QhfO9TXQ1aFVb3oCkgVl3t3UxQzN-IhLVaDavSbJz5GT6rTfCxWTtgyJfVrfPq9WIGTgAu_Ht6E36KlbO89Iux4rBmcX_kL-jFHvnzsVTQ0uSWgxcq9xM-3Svb56RDH18-d73A3EhZ7r0c6dJvWhJa4dSQPc6el4RalzVFO62pLBW_Try80go1iE6cnjUF6lW4btAmJ-j3jTckiXdLKbBb7issQuN3mkNJtG_76eH-hA_V6w7xqX8Ih-TMECmZREW_yrasyd8G1yIyjy3S65wSQk35iP2Vxbsj1W8Op49ecndcZ3IIdP6pSCBYsqdDyPHf_rzfWPY0p6joic7egEL5au3jbYYxvhuR73TDusjegRbPW4sAbWAaR_SMtyTVqItTA7Ky-X7CV5CJK5ygLRtKe-VNcdMlW_8tyVWM97FbWMFqQGKm8Id7y0_lzTIli0SFcZbrUtRnRqLolYGPPOc9AXedtVNn82zyXiS2eBKiSNukhBKMQ5_iCeZZoeHDRaNjJbuoYp95K3n8ICq0D0_6McwiXt1ilWSyS3ojuLyXrotXmjl_UlzinauEl_TxI472UuoTYZNWzhEkx7x22zgtvug_M5R_bmRNxl1Tgr0YErEoky6KsD5pDo6Y-sTeg0xPx-NEDnAmhgvzectNrlcYj2NEpREPl1lhy0S5wg9uJTPMciVm73bRvzsHq5bmJoPLO2sMjaSB1lt16q5fWpegidbZnuU3NVA3dSCZhw_Li1R0apuc-UZhBSZi-XZ-wk8pke7NNzC0HefaQF3wKo6qGWxCMkXf3tH--MGLBZxDNy2-BbuJ0TSdpcHXL9IhxwXGiK7us0BwtVlUWMPt_Sj-OaxAQlYgwuZumYSEeqINcAre_UjUr0rOjzP2wQ0AIj7tBPtJF-I_9x3yJWYvDUQmGY9yE7YBuBaH7kETl4Cy-hjaW0kjSbjs6DpyFNCvnQp8Uz6REPlf2vfeWolT4FQ20iA0QSoSPUnT4LiWGQ3XhHNzwGWEKO64xRY8yEbqBQi8DSzlQ1e_dxoM697ycTERrt-hl4ZujB-8lZm7gGUrCail9l1CrKCIUieLEeDhHx-2DkE-HSMri9emPW3c8nr3WfHtJrzooo2QgkPBJcTFo41hN2FxXoqRApKxvQIKV2PMfeQB6ZNHDPK9uRwnEVnlbWQOsOaXQMa2CaZAHr_9m1KO6LqXg7tlOH3EWgMb90-flYLg-DC9ynKF-zqYgZTL3att_xBBxIWu4JCSZVrmIKvmhkJmuv3n2kJbB20sx1MJQxxlQCbhUzqoiECtqMDBkWYTbPD6NL_OyOdq98ImYS4124e8z1G6_LGNqmNMRZRmeaiWXX9RhqWbgU-PzZM8KyfkrvZiVD9vCfZMDBHTHGC88GWdWHBRJs0ehC7CVVEZPoifIUHyA3quTql8O7geUZEYrQjZE0Ca0L-HeqbI2BrbpVGcY2OozTAO1mlq3r3w1NqIxlsLqoT4F5izUkteLQicauYYw37hgnRtQhTWfd_1JvzMF3pMNEx0ocBCL_68J5Wt9j53l_N4VkmrUmH2N-ZltjAVwMo3pClOK4RApOQTPjCzte-wG_4mh94p2Pr3wyqT44FjuRxPAQWlSNRNvXF_WHZTUqjdxVgXmn-EVhFyShV5xTLNZE-5ln3HWv_RAclzAtZ323mjgWt1A1TRDXMa4oloheUv48Mi6si_wEn_L05lf34SvyK5c2g0iRxFgqKAcV5_fStWhMlV2V4WdUDSBFXgVIG8rBF2F49T94XHQWC1KnAYuBUhnQBsrLCTigxy9fD4wXh7F5prnqgPgb8xh4t6CvN3HbcRkA6y_fmg2hW0YQvv8ZFaxCtOkGGCbfL1gflSKn3JvAEQMRF-Lh5e16YD2wzY56w1Sauk-bCWmCiBLN_YzULPxzovPUZsS0NTVbZrPb5XjAbqJSTB55nmjjUc28HaLkRMn4vO8hA8oOox_mjNIGMeVcSr4C9wXAoDVUiU4CRzbFtuFUTq8wKe5l7t0MxrEOpq_khshjzz6iMxHeS21uJN6h999Er2M19nvmb-6IKqRUdLpbjQ4Z2LqACUbEmxNd4JgVJb3qeOsqH3ZMwDUVaVchCD4Jmrjt7upFBEb-KSfb6yNBFV9jXLhnOetI60asacB3ylbj-ab3lSVyfKacHsanzcjXstKHQvGHJsu8iHapnTbuns2hLFjAenQWxQDQOqb7GvbIH27Zup9bFFZYNlZJrX1C0Gh1z-j_2l-bhDNFcMoaysefkET3KEpv3gOI4mVBS8oy-kkkj372mGxDuq2E6ry8A8ex3onwK1UOaTAQSelSAYwdNx36GvSjc-4gR2S7WOdg_jbCxyO01tAfqz30B3yquRfJj2GWy_EVjzq3elQ_mIs1sZyzap-TXIzv2moCU-6TEtkcY49Ps2K_NJdEmQYoTrBVigNeUpgRWfHgtXcEqRecR9Wke2QJmebb-x19XisK2WfT2__dn3AwVwhaUeQajjLzdrc-XuscvdMw7_34uZHRunlacC_3bQJDFzZOGMtYgy7CjH7Ix6QN0MshdkDH4JV0nJjjVg038qB8AgyGmEOO2jNX-PQmbywLWFrIGBAcCUASgF8GTEIvV_8Abm94UX7t8gAEaE9wq1oNrQLbgk6urnBD1nZImC9J-IFbNXp2LxiWv57Ww7-s0Wsl-tCmlG2ynxy2cB28MBEvxRDd_lx4oIDnP7-p_mv_aOpm6z7r5HxlJiH1Oso-s&cid=CAQSOwAvHhf_KQ9ebQYYmTSTtFYMYivYbof5xsMIKLDbQ2_yQX_dbScJWylCvhqEQgz3Ny216JfzgpNUys52GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Frandomgenerate.io%2F&ds=l&xdt=1&iif=1&cor=1316125485932548400&adk=3944675603&idt=292&cac=0&dtd=69

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a875361aeee744f332f2e243026ef2db52df7e19737b0a18fa2299793d27f03e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12422
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C99F 14 KB
1 KB 49ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 29 Jan 2024 15:43:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 29 Jan 2024 17:30:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame C99F 2 KB
822 B 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 11:54:17 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame C99F 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73327
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 21:08:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1629 143 B
166 B 39ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 16:30:51 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame C99F 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 21:06:05 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 83F1 1 KB
643 B 42ms
40ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 30 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame C99F 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64112
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 23:41:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C99F 0
0 48ms
47ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSq8fFS143BUeCFHR1UT0KSG9WrJ7kgfuXBSvaFEL1HG2G56gqO_5SEOMWq_joGi46D2O8i1Vo02T4JUy4XVHloIrGHuw
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C99F 205 KB
65 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:30:29 GMT

GET
H2 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame C99F 37 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:38:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 28 Apr 2024 08:38:42 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
297 B 556ms
314ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://randomgenerate.io
Date: Mon, 29 Jan 2024 17:30:30 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 26CA 0
0 267ms
267ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401230101&jk=1030135560806665&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEA6 0
20 B 267ms
267ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=852212890844&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEA6 0
20 B 267ms
267ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=852212890844&version=m202309260101&ct=76&x=1&cor=12516488076325382000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CEA6 16 KB
12 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVk6TXGqxlfwuZ0l-d1koO4U7w91ffK76CoKgTBx7dtU1tDk4cb25D9mhbM5FJkiPZEz21j88in9PjyGDBuroFwqLaSXJ5W8WBeUxYhpOKZpW86O0fGMTYW3E5f7dLd8HnWvrlsFL_abowmutaizO6LGj_pKJhk6j1XSFA5jk-nrDw3RQ&cry=1&dbm_d=AKAmf-CWZ83vK_hMCyU_mkrCShrm1-qaQYhPYz6EeVIqPXCPitZfQSEyxMwLwPTSte2CCp5p1SEJLBRAVd2raYGVKp9TEb0G0eRhR6Zq7BZwR1DcqzSxEhZomTCahu2-tDQ1QG_s3vm3CfghvRPqmgIIm5sHAehDVQ5R5_-buQBlY-uR8FELwg2hDHxEW6QiLJc1izuSUw4YjlgcPISo17lJwjmCSSWjCohIU44KGK7yFWpH9hcj6gLMf2vD-2amYsnGBSxpT8Dc_9cBs_HDnau50ch2yRCdlzweUD3zIpdaBbkvbkoxjw8kIr9heNscS6Yd-yLKpUc8-ENIbjBs871B5t7jgwgjjeRQi4Xf3gsM5_12zNQHQL2PdXrdrN2mSuJ9-1NHCpLfKoy0kLR7QxdClaXNN5gI3BAm27P3vj_6eAYGoi7JqYUOErammhtk9eRrnxMO_1WqR-1khFLLHDGwHzcmi0-iXhWFytmgDa-JHX2IZgbjU0BAbm7FPo0spjHESRUWQOWyPI2ghNcEPwq76hfQOas-We52_XaLsrMaam9f15Wjy6nvahouAJxN1KDrrpwA8O4s7R-RPZ_sB2M8dli3SZKqmqwzwheLpP9C7IxoB-aNNIqq790ysiLJc8OOs0FFIQ_PacjuXqAI-XXhe0cDdjbe_KrNCC5VkIlC62oJZ1Bu0Vnv5HyXI2AUM0j7piGMqZjusybjjo7omHSTJK0IfipRetK6dA5I7igOlW_mgTrlEQQKOzlI8Y7YV5SOe7gOsUHHQcSrb_cQUkUVltF7vGe9BcN_o7xSJ-XfKtvBRtE3DVoLR50biUCHhSf7m8JIsaBaezlD0uYBSPiQ81r8vbqnmWY4_puIhOkhy_ngVoUmPx0tUMuMZjgowHqgfV6URF1oZETk-UaEA1tHuTff2baTWUZMbyUDXVQD5_oUJSBNXIBUS9izceAQy4NyDeKKvZKqeOUKfb_BAyoEn5g2pO2SVeNlgVFajLnP1ElSYD_INtnowb5iLzX_t9KsbXcWDVh5gLA6Vv-8dlpQXjWrjK10WKRxFqx3LrXtgkoegdUTBaYUarzQqCELFZK7yesAt4OEY4Y_5JMB1V137VerJpAOMqYTqmD7INyH0Jgd1ne1PqyG_SKsTKa4hyHWfjRn4xb4T1_uArOUqILa0qP4H9EvwvPIG9_b28_OKnOcsSxrlLjiNmZI9MokMXD_AmaYytxCcOjYQVzhQ6HWurlQYzLZBjb-hGlLt2dfcVzZwZQKfDb6r7ylJZTIg0adDfodTD-y8eJNpuJbLz0DoLWB2wHmNXIKvYIrmoOVsFW_nvSx4sNvethO06jQyR0ytxn_t2UCTz6cXnIj4XPY5mIIqR4jH7fQVG8mo-NBACKf80bT6cwu23Zxhb6XUndTCoXi0EIyN4yLWh5W-HzGjbCgeKF0vr9QsUYUDFcf-WU9RnmAyrduuxhUPs9WzKdvM2w4odTmHI9Xukc_57ZBkzT8YwPmVEXJhymZ8ehom9y8hUqk1MOa2_zAewK6njkLqLhTj_BIFxQc6qdH-00HfATk86pVOpe-0y8m8CVyY1voyKP16jZ73ZVqTCtqJz-i8yUbGYXPoeszxL1MBXi5jgg1Yxsi-xSkH3VuY21hzzKOb8JreVkAbcJfIHoBbr-3qEFU4xQenwo3KG_ujJ2DJbhmwD9AeC0tp4jeNpe-KkdbWCrXJ7nMiwtqOLAOeQOsr1MkmZNET-lEvpedzLjXkJmaIC0L9C5bVEriqFvyY0nyKsE0wzLksfJ7OpMGEXoI6WkCcJKfzBVMyEsoLlshWbuaePUf8hs1P9tenncpd0H0ciMF9-beCR4BM22mC6c_ZNTYNlF4Nma6ZUtXBXnhsn7LeOcXs6Xh1UXbmLs8TkWiayQTrBQr8O6Bz0t19kopbG-6pFl9yjhTc7yW8g25N5tt8bVWMJqYnSVT_f0TGTsjx8A_cRNp6fOejCrX8uCbiMVKayY1NxYcBLHP_kfnjKZhGj8vWcVx7JZXqbU5apvfFE6VA_osbYM69ry7cNHODGwHo_dEjafdzp8Nk2j9G2EgEYy9M5NYmU_b0OHjnxWDQHrZrTYNicFE0GruBHgk8h9D3feKk64bUoAtrJ0z4PSx3dGLRPDKkF5V4MV8yuzM1v_Bh_EGqAgtzY6Efm85ChNmQ00CwvCxQf9zlg8USpVoa6qOChYNLBNsxOgfSURkd3slyoepsGQakh0icbh4BzdcncKNL7ZGRRQiJL9NP7IkzKRGjXkuB_Wb96W4X-ANYeuTiClls6gDRUBUN4L3AjL7M2T3KS-EqPtryGki3qTcX2AtUqXJdh3fiqrsCVuc-VbikGYN1T76FDvJiqleyhsXPMoPYaGIiVYuuzFGD4XH-rIriiEyCpgwtO5-MUWlcDBp5AYE1tw6MDLdktpdsJs3piPAGUKUe3rR7d9z1kWEm4HC2XNmRKYfLfPNKg1zNGzy9Xkt4YUFwIolgu_hSvPpF5r5wkEMEFZ699WI9_D_N-DwhNpnUt0QoSIEHupZLqpMw8OTXDPmrb0DbZQUJCz6XTNrmWv-8e1EbtMnJOLVbFXFlDmb1UsC8UjvL07QwYLbwykzbbEkRkRAHPFWnXSHtWQQQblzMMpx75uDMv49GDekKIVf-0i6scdp7CEw7pDonI4UwoEcOmALWurjsdPAv2RCt9ed46JZG-8snM9_ohkdaPndm7uiPlCAWup8XEx8gL3kMHVlHd9Tqvm0pyELxgeU_evD_fhNzhOx9T_2JvrFhD6SdVYtZ5QEoUJ2pg_FCNNnGiO_O698IKIilb3A_9aKxUHEmGM98sUxF8KnVSICIPvXDS7sI91n6SRfctThnyWBkSri0NP_lVk_kTpEuIDzRNDtZrz537KPGNVOzHewsFTBY24hIWxXxd4utD4Deng9Jpbub_M191mI_ilRrjhPQNNcgIgGT1dHseqeulMPJXm5ulaEE0pcI7s3yCpUx2Dt6C_rV_FhIMaHvp2oxP_AoHDx_IRPWxoQxPpZS-19nlIo7MPCvQg3249CZ-QlmzVJ5YhX53ZF9b8mO5eqMN5YTAcqRtzYlnyzwuKVkes5YksAdNleJ_eJXBKXvJGZ4s8&cid=CAQSOwAvHhf_KQ9ebQYYmTSTtFYMYivYbof5xsMIKLDbQ2_yQX_dbScJWylCvhqEQgz3Ny216JfzgpNUys52GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Frandomgenerate.io%2F&ds=l&xdt=1&iif=1&cor=12516488076325382000&adk=2857193499&idt=377&cac=0&dtd=56

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48e7290a5a4f4b099a5f8ad2c6dbdc615f58f83b6e5e26fbca25df3a0a417c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6774 0
20 B 266ms
266ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8001842067257&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6774 0
20 B 290ms
290ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8001842067257&version=m202309260101&ct=76&x=1&cor=1642837776513485300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6774 16 KB
12 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-DV0OtbA3jyO7pX4z4KIx6bzJCLWTM0iXew-sxVhTILWWMxAkbwHqCLSjavIiXSromg3Y37dW82RwQ6yglf_znVwRknPjndoL7psAjXzlbDCZny_dfYLtg50gIdipe6_B6LfCcwc985q3tDFdCTpTW6TtALAanrE5uIXUenPebH_snI4&cry=1&dbm_d=AKAmf-BdOLCQ3qAfjxkF1unXqueD9kTrGMN14v3CPtAi538ETHCtLThLb9TaUaaYVOqDTYd-CCqLZSiLWnYUaqGKkLi2iHfE-bc_lORAFbjZHhUsdd9OiJGaZR4jUHoFaqOpzcYoJDtATU83PbkyqrLgfABuJ9Z4z3auw4_uWMhJSTuv-QUkdVYsiLJ7LuyX_s4yWN3jogss0aVhugGijTpqIXXocX4En3k-zHhBIHY8Xez2cTPz0Qljd-rZ4vowC5ZzrIdHiTCjlCTUkeswrFjKhD8SPi5ThQy8fdKwKH-50m19DTx8w11Hjz68D8IJMWRJq456qnx7Ne46poHUo78hX0aG_nnOu6tsGnqxEIcMpywwVqN1GpCW9DoyaKJUxV-1bRk-j3uQvWW357SYjq8paM_UoVkY7wjUEig4oeh8VLbunhw1sBW6L-vxQ73lZbn8dJBOHVq7IQKQGpyi3kBjz02MQ0K6KRpJ8lQMQS5urC3pe3Ezaz7fG42klqJp06MrxXX0P0WfrNlRBEJ-YO9x2XvZ_wqsZEUEatVbO95eczRL3vjyO3VVZGGpmqURzrOSEdQ2izJzbsGNo1Cq48lmfNNB8xlWVN-9axRVned2T6pMmI2XA_g1YiodCi2T5afaajbZY5Sce_qMlbTqw1fabaRtHEYfgp3wVHE8iZQTWFZrktuxMabs8C9OuBLEXdGcYFqhAZsOAnDOlN5VmAq8rbp28uiLgxwHwEKKUhcRvzUJOPT6VDJeFSp05xUAzApp5rNtZyRnFH__gVRAQvIWLSzDtrPc6Ok641B023z8dXUIbOL-KfcD1QIbuEaDRB5Ki4YVJzWYZaZz0CIc4hxzLwOerE1K4oHqUKNNYlW-W4wH8ORL5BxrYH9vftP7xM1BbPUqnlCJ0W6al0AyV8vURkEymlpkBaOfGJmoyoxG8_AD-JocNVDI3xbPKxY8VW08c_WOCa0HVu8Y3X1-9Emf1fT6dwrMNPwpuxE12KKui0brW8391S9TK5rgdAI3dY3Fk3woI9jOtydIDcLAZVi85542zWcLEJuJajw3UCEewln4GqG_vU4cZ0tRl7FKn9OSWMFOguFpKXRGhLpolEswRh5QAe9UDrHsPnkQ9CedqdXfvD1_E66DCC9cIAteX8Pv7cbjRCtgMCmGYY8fuIurCDC6CAa6wozJLWaRezMpnFcm8Pn45wB9hff9zwiIdF4SAGinu_0ayjTT7nEpRKLCTz98iDWpjjjMXcvZcKuU0J-kO29oRL-nmEJpZ0Y8uzRbXHxFjY4cXjBCZYyDuqjhNdBnJK37zQWLN-QqwxvZPjIPS_7NQu4Yk1N9c-G4yM1Pxw-hvfxb20c943Ffw3a4knMUEB8vIsMBolgvvQc2aMG4oHFVAGCgMCwsnuH7xUJPZTIIs7eyGTVo1LI8wngQYtryUK7Ub6uReiwbmXGiAOuSMugyjneba3tANrNQBrk9cvsaGdEzA7Yoa_QLYWA6vhMLnICj_C7uAnxzptOFMooykmouezRPFnTVgb---qyHqU_DD84yL511CWfHuJG5Nje7hpRyczXW2Tkup_30jh8Dacr3-R3ca7ttcc5w5uGVxQFFrDuJJyfBIdyfk7uDIK25GUBXeZ7SGQRx3qU5lAKMhjSu0YOkJrpWZZUjP-N9JT7MCCQiPEXd43Vf3SRE0p1LPNdSR3qvEKnwsWjjgwd6cK4jh3alBfg2Ym3Y36mxQMs3v_ktvhujHP5B2XBOdvw9EgBuFBH6ReDB9Ai6dANlTRENXGMFG3AWVjERGujJqgxQFuVn0WMFw57cXxxPBdGTiDslbezzb0MRafNHyPGBPIieqcxkjiotMHEWp-75j0oUIlbc1gmWxpS9vNHJCNjkVFX8ZuMSrytwP0ZUkIKwFLuWrcvTacecjbiqtRupRW-AWoxP7qVz3kGHnuwX3Zu6BRw-ot_7t4tSekWhOWUBnQxNgi_5A47eUFR482QVvZE5XuAlAKhabh5TcpjjJxIr5_XTCD5e9wTm64F72DIKoXXa1l7coqDYJIzOQ0z6FpuTB2lDWbNgA6vJShopW2iSPWwx18K96V5mVqL07z12o5iHwT5dppeeRmmWc9VwllFx5UrDP6fQsTrA6i1AFDQJhYqJGOpFRie_1Q4yrWW9_Ozji0Bj0He5HOrZBNzBdvvAYiBjk_17lQJ2F9w4o-9q3yCVOCBEUuHt3NpQvfy_z7jNN-eyyqO6HmpK1nrcC6ZqOOYdTdaN4KoGJm56XDsICAQhjVQOb2weP9wIHiYNxXelnVQ7NWVA6TlMtr634_aUoXlr-fBzjVil6-z6h4lXuY9_mCoYN8cXeu1-1N1XOvnbj8oiHKkGWKQF3bDgaEbXxbone8nNdBr2BUrvaWSj6PR_3dklDxfmhAz8p1_3-qIaLoXXJL6m2p8K6gDwox0AViPs33YM28FzcskDfLhh5FK__hZxtN4Z8lc3YOfiYLNlj17YdmNgvpmB32-2B20t4R6x1FwNmpG5_6K2nqd4aWxmq9-iuQ2HxzdqodJjsHI10jlZoFvy93UPA1Lrdel--eW0t4Nowv1-zj2s1mTw7mNkB5TAzpkWn2YLQ359h0ZoumKxRFquB-ElrcJP0ZcpaV2L5qUrpRZqK9m0m_Cq_5uJBFpABSOttyLGV3rntheJYsFnwCdW-c4JLIdLatGmAq6tnL9ZKCUqKncJPc6MeWSH9VkkmW1Pj_hgTzdGjuPtd38tVmkpxeR1DCuKK6N6VATAC-PyYuxSYmJY5vZoh5kkf_KZbihA9IRUa-YIZ_XJQHDsKLNvVuCT-lOctW30eUwPS_taMuqGnwT8FxHW7Ilx44_YgDZ92VZygTtfViu2lJVPv5-Ml4BsyvL6Z6dLoLBQpQygT9GeSGMLiXFyH03_l1hxF7mG3uobY58rYJAl7866PSIU5TbbEa9ytku238NU4IKYWSe9AkFp6o1EqtDdQAGHd9wax0Hr4_9NHfsqraMhkb_rtCGDamktkH_Mx3Zfu-0gb6lYBhRPDwFgOQbdyUD-PFDSNEvSkLgdJl3JQ3lRNN14cHTKHeqmGR203QU_LnXQqGK1pXcmj2UsMGrED3nATQj--r7uwP9N7rJGDxw&cid=CAQSOwAvHhf_KQ9ebQYYmTSTtFYMYivYbof5xsMIKLDbQ2_yQX_dbScJWylCvhqEQgz3Ny216JfzgpNUys52GAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Frandomgenerate.io%2F&ds=l&xdt=1&iif=1&cor=1642837776513485300&adk=2086295848&idt=414&cac=0&dtd=52

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eebfa29f44fe5d4ebb3b75f76240618b62b6d70de12b43b5517ce8bff5209fd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12258
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D81B 0
20 B 270ms
269ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4363397849924&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D81B 0
20 B 269ms
269ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4363397849924&version=m202309260101&ct=76&x=1&cor=2669711429223994400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D81B 16 KB
12 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B0ACUhp0YiIVl4StXLF3WQok8xeG1SQW71yMe5ROIsZAMfYR7eBMGcHSHAcRFhvtwlco11B5aSKTS1hYKePUj1koruJhOj5P3LdaGV-Kva7fNoiFapxgzVhkN4yb6vpm6YfRbXhdviJdhlj1fvBY9KQkv9WrxMuJUqI_QISU-FTLgDsUM&cry=1&dbm_d=AKAmf-B9DhGskpysoZFkKpWhm0oI-8jpSMT3iPxOSQ9XlJORyrjIJQvnKIM6gK89gOqp4ULJ_wFvhOhe7P8A2eH4MIuwOzS6CQQQ1iCqseadMH98DZbNwFY73ytShhh6ykXgFNS-xzU5_urdQt0wWRzssr9PXCw2UntOnBi884vAzX3QM8o5tn6GE8yGeEZsQdtFvRkhT8xC853QTfZt9zuijwAcdHXNWo0rdvNKa66ABFOblEZuUgNgonD5i7duZYtRi9xGtb6unuVNduOFtRst5CaRsbQUy7-rxAvnmsx4FuqB9ATv5u-Pc_RD4ovvc6b4bR4czcjOuHZUr3vfadJXcFkvivl4lr5zdEBBSAElcjpSdk6NaorVuFLmWyjGmj-Rwpe4sgpma5yj3AaxuOtzc7XrQrTwTFqxaAZ4vq0wn0jjQssOEu0BaLCZQjMGqtPGcm_aHdGuLdy3aST50S6psgbJXOMFHm-IHBPCsGichAFPvxQK_cDz7WcRq31gJuBB6FEyp_QoEXIxe_qYheL0YPm_YZxliWckYxrnoYj7ibZrhcpju_cok1b7aHgx3sFKQNzbTqkLD9hxfpXDqPGi5a5XMqyr4Tw5ERUqQ4lSU70fjszIXeRvZJMGRj9SC5F7Nlvpl6aCKPuWUL21SKrAHFa2Aiy8YgmZ_zlbvVMy8NX_7aEqxyVD2djcdzy-DWyAtvZvfmDOkMxaser_94cjreKYK_3-KcC0lUMfxB717TSmS6s9zkNsOiElORcPwdKO85rehe7G3HCAFk3y5gh_595eGJ-vITS8wvpZJZPmOPLmXDrCsnqlbc5Be80lB-D-l-hnCAGeqOmSPqNTN0An_b32kvxqNETuuJeJW2-HwH4M9dZHO18umg4doOTnRSH8kA9m1yITy9yegA1nXHg_Lb6NXhVJDeduaRpvaGWmxXuMpLPhfuKgQE43D6ken2bX3QqktxEIi-3TAc4mn5o6E-3iaIuFp5SYfKiBJAYiWExWDqKDGCy43Ex8I-9YJa9bLG0iEvNT4_ZtUXfLpAaMNsRL1RA2GjGKDECluRlx11KqujsWu6jkEGSXUiDUfyBkXM3bHAqOAZL14X-83TcrUyBiTftz2w9279FGezadbX42JmPKUruj9h-JxXZm9LFFQHcXULke8w6Oc_V6ahi6_zRgYPMlJgRgiT0WyAhle62jy7B24MkPfNuqYbwZJS1AX2J_9_plBGxqcY1ajqioMsdeTdc-ej60xjr0m8YQwmpS1OwO7y3creGSerN6YaK_R8pSP2Gfj9J2TVY_hOWhfkr-xhMb733aLf6hwWu7yb1Apwni9pPgT-8-YNlyF4Xo7OlhZawSRzGt7TUGDmyzjeRBMB9Oi7ysMygspY1ZE_AWF49CByUe3frfB_dBsOSQX4qyqE1u_Iwt4b6Y_RJm7hkVTLIYLUuySabzFvgmoUgPA8BTOvJvOd2Gf065Aeec14t3i_Wu799LNdb9MP9wzIl_bUhonppU5geROZVdjwXY__j0pMNhSrJ37sORqg-u2Mv3wZ85yQxEYnDTV4yl4qpyFPsSuZzFI5ohHwtMYsUSY86m36OD3CTX6SOkNHVTlhNPMxFmOlkTlN6ZwMyxxk-qGASWR3j81AyGyBanGgYn_cnbj-Qefb5fUK8Sh1iEBEoM7RTST9ifI1OpiiIHCQpaMf3qQRRyCjsfMnTtEi1WZkcZlJjAx6ZoGzZfvXUd_Wr1p_8XqBbdoyYvhjsnLhrXpXAyrhuJK4UDsHXnzSC_joC5oYoy18mHwxlHYWX_PFN8gSw8xYFIQAoYkDl-ioVkV5RINHrNvbcAaOrnBjKqhz2q0sTwmWiS7llcbqfjo1fhVzyvjMhWg9ex7Lscyme8o5kYAOfUhf4oSSnLsK65Rlk5tad5jSwiBfZEScmyesCXQapQgCs-xEiZYvNoX32LOHUF6o2MAStDiUxmL6zOfayZliXlj9Npj6jI66-HEuQRZLM-_ZaPV9tpQqObnae0csfZB_ysYU7H4r2poLGeBHEy2dOmUpUkJn25vwkE-Y5SCvZurxXoXd8HFTbsRWrxz_VDeC4aO8_uYFpM27CI9uCjgrUoUqkZn8ZNJj0s1gUkUljZ88FSraUtVb1HCnxk1MPyypneUvJKx06trsBsTnPFGmA1C_QQYrDYVrgkmcMnpbYpawgQNT8scLH2pXd-K_QyB2Q-szAiCMafyZkjE1hJl9Bw0WmXZBzvI5A0bAQetSOZ3S_goRkenGg7vkfXMCARsQWcpvJlKMVGccecCChtuKtYyrlCoBQ0VdkGRB3wK0nMninO-lSvuPd14OCObl9WdbQkvnXJ2rdkgTaCcRr8jISfG4ng68b2ffroHMSLSmLTh-rPFjcQ3DShYCGdNmHv3U6VX3FvVUkmpQySuJ-OumS07yXc6Zw_Du5Y0X2HJT4JAHcovMnPDzsaM-NZJqHWi95psTCoFN5kMceyrBf9yn-aIIyGj5HYbuOKctaGSxFP75ri4uLcTiL0gegCZZ_4q7UpdtrR0p6c60PeccF24MVq-YkZzTxGusIuC0X2_c5Eil6cBAHnie1ygue5ltn9pY4zHBk7yhlsOnUCwqhz_4EYRMkfB_iGtTexa6ASGpAs011QmPi4gYIXrm0-d8eWKP-_A9bCvw4F1cJ0UhIpvfIb1hSIlWRcyOnz-q_E3w8PalAH0AT67_yzraTikztuZbY1o0bLE8oUEXSSpEjKci0V-HEH_KWL4YEOYi8fB42hWLw_mWK-xfG0oSwk-rVLqwWoepd30YAxHc3n0DL6F91SchHkbHBy0enKaGg4U801MiBPCcdi34n5oaLzpnPDwGcJnMI9fyZ-GHLYqOstN_9qF1I06IaY9T48QGYUOBF92yVFDuSzGTN5HGrOcApl5is_Z6ROY6TakuMUFaRW5VzwYyzXohFkfKbInd-6IpLw98nPhSJ-AbbbWXKwAF3JWjMyd6SMspiZu3Vu0aXHOGeq1BwhV8yQ8VQhfBJIOuwI8j5L-bZVqBvjSOk46-Iqu8d17_MoTYVDFyXHXBeeCP6sg0NdaqPhVKMoLSjSjaBoP0sz-wNN6NUeJaSOVrifNTlZCbAKLT7Bx41WHKCSsZw&cid=CAQSOwAvHhf_1efjfl_-0SrEurOVCNDxnNhn8oY9LyhsiCb7vlXRnsUo6vXDfGh1UJ7ExMR1WuqLR8Bb0GDaGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Frandomgenerate.io%2F&ds=l&xdt=1&iif=1&cor=2669711429223994400&adk=3047537734&idt=422&cac=0&dtd=51

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

390ab6d59e3d77a5cd1c168818f53c37a74d4731a2a35288ff693da7988a5467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12435
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F96 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3FDB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAdo34kGaTjV4aCKJOcy7aw&google_cver=1

43 B
1 KB

50ms
48ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAdo34kGaTjV4aCKJOcy7aw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNU_CVgwTBwM7FKE8sTdfhyVZ3Goku9Kym83Im_tQDUemDF9Wvw-hxNZ1B8ZlsMAmjwPGKhadZXQpAiWUJwa-AE0Fl_TvbBD8KyDIEmiL_lNakr9C64P0dWp-vYnjBMVQgfAhlzEpgB9mhOp4762swo0C-klPqpRXvouRbDvQA3_0Nx8JhLUPZEfNN3gjsRgSTTCAqWS9FB_sJoUNiXw71I28r3Evg

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
an-x-request-uuid: 60a90fe6-aade-4b8b-8a99-204d8aca3f15
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.103; 80.255.7.103; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAdo34kGaTjV4aCKJOcy7aw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3FDB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTQ3MTkxMTkzMDQ1NDM2OQ%3D%3D

170 B
188 B

56ms
56ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTQ3MTkxMTkzMDQ1NDM2OQ%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
an-x-request-uuid: 242fae5e-2391-4d26-89e0-2b535ddf21ea
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTQ3MTkxMTkzMDQ1NDM2OQ%3D%3D
x-proxy-origin: 80.255.7.103; 80.255.7.103; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3FDB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKmtDL3blJQ7_dW6ho-4N0c&google_cver=1

43 B
105 B

51ms
50ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKmtDL3blJQ7_dW6ho-4N0c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNU_CVgwTBwM7FKE8sTdfhyVZ3Goku9Kym83Im_tQDUemDF9Wvw-hxNZ1B8ZlsMAmjwPGKhadZXQpAiWUJwa-AE0Fl_TvbBD8KyDIEmiL_lNakr9C64P0dWp-vYnjBMVQgfAhlzEpgB9mhOp4762swo0C-klPqpRXvouRbDvQA3_0Nx8JhLUPZEfNN3gjsRgSTTCAqWS9FB_sJoUNiXw71I28r3Evg
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKmtDL3blJQ7_dW6ho-4N0c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 3FDB 43 B
210 B 55ms
48ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7N6o7gEwAQ&v=APEucNU_CVgwTBwM7FKE8sTdfhyVZ3Goku9Kym83Im_tQDUemDF9Wvw-hxNZ1B8ZlsMAmjwPGKhadZXQpAiWUJwa-AE0Fl_TvbBD8KyDIEmiL_lNakr9C64P0dWp-vYnjBMVQgfAhlzEpgB9mhOp4762swo0C-klPqpRXvouRbDvQA3_0Nx8JhLUPZEfNN3gjsRgSTTCAqWS9FB_sJoUNiXw71I28r3Evg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 4A71
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAdo34kGaTjV4aCKJOcy7aw&google_cver=1

43 B
1 KB

75ms
74ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAdo34kGaTjV4aCKJOcy7aw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7d6o7gEwAQ&v=APEucNVh56P7O8fj5NefBrxDvSsj1ozwWlfC-OJzzv8dWNcsw2VaXQp91xpIgmLLTAPhdd24ubWOlkFgWwQkGNHxkze7T0YivD8m2ecdc6N0ljb8TjpfyGbiQg8Naq--OJvw1CD7rYCh0bBlOMOksQaYL3WJETRqGsBiffJzuC8dzrWwrnbU6CNf1CRr_yfnG9qwxs_Pn8n8Lz6WgsJn_q7wA2jjeGy5lg

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
an-x-request-uuid: df5d199b-ce87-450a-9ce6-1eb50e699fe3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.103; 80.255.7.103; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAdo34kGaTjV4aCKJOcy7aw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4A71
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTQ3MTkxMTkzMDQ1NDM2OQ%3D%3D

170 B
188 B

55ms
55ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTQ3MTkxMTkzMDQ1NDM2OQ%3D%3D

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
an-x-request-uuid: b984d9e8-eab4-4265-b563-ac3cfcd57325
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg4OTQ3MTkxMTkzMDQ1NDM2OQ%3D%3D
x-proxy-origin: 80.255.7.103; 80.255.7.103; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4A71
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKmtDL3blJQ7_dW6ho-4N0c&google_cver=1

43 B
97 B

53ms
51ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKmtDL3blJQ7_dW6ho-4N0c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7d6o7gEwAQ&v=APEucNVh56P7O8fj5NefBrxDvSsj1ozwWlfC-OJzzv8dWNcsw2VaXQp91xpIgmLLTAPhdd24ubWOlkFgWwQkGNHxkze7T0YivD8m2ecdc6N0ljb8TjpfyGbiQg8Naq--OJvw1CD7rYCh0bBlOMOksQaYL3WJETRqGsBiffJzuC8dzrWwrnbU6CNf1CRr_yfnG9qwxs_Pn8n8Lz6WgsJn_q7wA2jjeGy5lg
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKmtDL3blJQ7_dW6ho-4N0c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 4A71 43 B
111 B 56ms
49ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY7d6o7gEwAQ&v=APEucNVh56P7O8fj5NefBrxDvSsj1ozwWlfC-OJzzv8dWNcsw2VaXQp91xpIgmLLTAPhdd24ubWOlkFgWwQkGNHxkze7T0YivD8m2ecdc6N0ljb8TjpfyGbiQg8Naq--OJvw1CD7rYCh0bBlOMOksQaYL3WJETRqGsBiffJzuC8dzrWwrnbU6CNf1CRr_yfnG9qwxs_Pn8n8Lz6WgsJn_q7wA2jjeGy5lg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 614E 41 KB
14 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame CEA6 41 KB
14 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 614E
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1525518/72172425/xbbe/creative/adj?p=APEucNXE1pRH3d4z9SQfyt3Tualq7ton8E3368i9psL07nZ-FVH_EtQ&d=CpkBAKAmf-CKqo9LYHemr-BHjPAvlWnmA_IkMH8Zgwms2n58U78QOIzCtCcFtCJ...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXE1pRH3d4z9SQfyt3Tualq7ton8E3368i9psL07nZ-FVH_EtQ&d=CpkBAKAmf-CKqo9LYHemr-BHjPAvlWnmA_IkMH8Zgwms2n58U78QOIzCtCcFtCJozwQ7bWck3HnZVT7YRsOyGKiP8...

53 KB
21 KB

198ms
93ms

Script
text/javascript

64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXE1pRH3d4z9SQfyt3Tualq7ton8E3368i9psL07nZ-FVH_EtQ&d=CpkBAKAmf-CKqo9LYHemr-BHjPAvlWnmA_IkMH8Zgwms2n58U78QOIzCtCcFtCJozwQ7bWck3HnZVT7YRsOyGKiP86yxuFy0Re6Leh66UCfe17JeFar7yB02R88vBloSG7ZnSyckij2mvpQWTKGXldjw87JBg3kcs12vypj3ZDoTpXi_AZWgezdRcp4MZOf0ABfMm5zY-6ibokg3EtkUAKAmf-AGNPKqnJ6SmXrVRUmkEUFKsdV7ypJOlr7q93Ic6jCxLS3ZB5WyVsTIYWYoX1mOzcxdUXTSftH3gMO3mGg52BbTnkQH7QfP3MjTGu5B0KOQbe1jsLGsaIdXGBZa4BeP7ARWdzCWc-26RArjqcCGfB0WMA1mvuDEt5Ic2RBBzNAXOOlgLfJK4HKiPkbCHmlmL34F09Y_41itLjItBgi1lvudqCwDrL5tF7fKSyJUDdWhgOCoXF7K29sG65b_a6NHTL3FoAFG9iS3d-Bk0J4t2lUsHSJ-cyquXVD-ETf2hvz3VDPXeVWpyrYkC1cwxfobaxmvmmdtNUY6FLLk9VYgnIkNG_T4ku676mgVDLxHmy-tOJQcGYhORB_FWa9HvsrbwVuGlR3ZiGVn2y0bbVU1RMLsLlON8f7GFdAu3sMmnm_zYRMdMF9eOc-StrYhZ-E-KkvIrmlQTOyguAmA2CASFC1aIAn1k3amBG-Z2SUUwgVhBjby1VQe-eZJoQQddzVa4FQIElQ3pPhGcSw0L0RO0IMUcupCdEDdU0PZwQOmFnLXx7QItad7jXD4PV5dDpKbqxfNXgLN94FCq9zjucuM14l7dGVPxMxYyiTgmMg7Jo55Xv5LJioaH6X5uQPXQHBw-IZrTuqMcEplk3Ua-meyA2svNU0u-cF8BSG6grre-Hs_RqaOaFrtuGUUUi8gGQVg_32hZJoAyGxhEk8Hmrl0aD1y0niTtZY7JnjI59-GvguMMyEcTgMR3HInA7M96Snxbvadw6XwS2EphFzzbpuqYVthBpX9J8Kp3Hyx2eNFJ3lGzwuGrkzkzkQluKDfbIrKgzb1rGHvZGZ91StKdqfmn7Yj7eri-up12QtkClT1SfhZ_wpDF79DCuNleQcAD61T2djoLerbuTtyryWasNrT-tQCQXc9CgeC7Mlf_UUR4x5KpP-2zFONxtHVD-jO2W6-0JPdNPnCOf1nk2ubcp8VUzScZAIsLoFT6nTCiQZ9mFyNbJovSjg-F5QZeB_51_1YN9VT0w3cLm6af1ebV947X3HjAIBUxf49QiaYl9bcEm_-dZdkoev6A8u0W-qdH3Mw1zkIUWoltKi2a1p0IvDxmKGZX2ktcCYia2CIxUF22e4XKY1Axp83mrG6YsjSl-eCkJ-GuIHrXsYan757QXlmGqD8LvXDCjJfstNRboLa9ubGNs7DyRRHL2AUmaiHHtnyLemyaFnQqnrDunkKpoHJ6XgG-P7yK3IF8wshdvuetGmszs6TLCEEenPK6OKgNID0VX5fu3RGmSWpEg4DBkyXfXOTFIVt4mWMQoU6UkffuPlouS-969oCa5v1_gEhNBgLASR77DFboEmyGs79M1IUKznKTu9rCS3YUkgPrxTyMWYvK65giouRv3sRYiqZVhkB9-pGXg6sww8IwVyFrCgiy5wwb4kNNI7DXvaMTOh4F9kXHiIvtHgAfkK1L6pXoNp3v03Rctw6inErikh5s8sO4kgo34fdREHBGBJ9C8PFJq_awv6XFobQzRiU0yJtro751jOE6rvcwC38BjV4lLy4AnvD50Q9Ah0-Fpqg234MSgh0GfJMHf3tdQ4Y-rZIL-Hl2-nUBjKgguiLTNI_EMnPr69zso43wvKZBJH895SXpi5kEkelVsOdWLq0Sbz53EJ-kr2fzq9VBLON_cw7SinRYVi3G0yVtG3kdBylss7HF48YmWxGBUIX7ZSY7YURkLGLrnvoZpgZhUlWRQE4UFrEGTghsDL6QJBeAAQAzMZsgNEuRF5ZOF1SwywBNA1IHYeWHCsHLz110Dk2XvuoMNdmAhd1wTcOT3hl0t7xAi8Upia-BtH9sb5RHmOXad4kGrSogSmmmSN05Brb0oHdI5y045xdqujiz_rVAUPlGTknJEnIUj-xf6X9KXdc_XBA1P3tmKURZxdW5YJTaYcNZs3eib58a8aDA7fDTGmA6Tk18Fqm_ZITLg0GcGKhCXIuvC2aV2Yvjzj5C4BiFLXvvVvDxiNSGAje8GanmG-3dXvidkYyzTnSYHiDSQTZEVsfIBAHpVOSgpKefrZD_4hoW3OpDCmBWegyn9qdnsadoHRftEiYkv2uC6Dg1ejnfshokhm3TBJNs_MidWWW04kBhxWur7C96F-KdeSlCUXOZHzUgZ8FYvV3WBxJbxSmy9QlVwIhNzLq4vifUCguMGAYTcltR46yCbUfJMAXNCDPOC_UN3G329za8vTwHD51z7cpLS1QrUv5VcSNXTdCIRUrvEIGQRcT3Y_p8HVW7dNN86oePoEhoHcdaOHxTIwJh60XzqJ8XwAtdfJfZur2nq3s_mA3VNQ2BKwzhY3c8z_Eo2uTU3LfYp_FEWcGokEECNBnOsAibpT549qhWeFh7BzhrzByw4rK5Wt88J7Tki66XGN7cnfjI038wWC_DUw-snlK_ycDwIsQNp9ebXlj4HhJ3-o4hVFzx92zG7kbnsQHLyILE8lmnVcT6Acm-6CHMGh0uZ75WILb8BM0YiApWLLSTI3dIrC31a9IPZUYUEWyQBfvhjRLxNBQ1GW3wpSA5FdNC0BRMmeKa8xWBJ0PGIImQdhi2z92GZ8xMplzZ3WGEecg5CpMjUQ3--vhuLGpxDDyg9QCF1u5OFfJAlL9HbE-znMwPb8Dn1iu3ErWwGhy-XLhV3yfw94tExF10KWRjNOK8T8q9xuNEvSQm-Cb70QgSsTogEhc3hHw5J2IB_BJqXTbIpiU62GuXvPCULc6QgoGzp9u0y7fmVXVjh3Mw97L8sHeCskdn_LaMNQpm2M1pvxYMu4k66R7NGP2acGqMlksVo1tU8I6nZKZYrTXb91v1AXBfiZLU-F7MHkdIvZFy2IakEn1guhqFO56768MQsZqMY4YNEFuebarNOscAP92E3NU-yGbZAbPM2S_M1cBelC-hletLSFBipJlmBs-vWz_nURV-vZ3gsRGk9dNuREPtew7fH8_PNDMvlb_kkP-QoQPO2hd18qOM1g5FKz6q-bjQrXaslHNWmdDWthJbZWyf9i6tM5Kw51rLc1ZyhE7r4SnoD3jLFdGZucWVttHaYcMf0LqlN9AxZVFTW5KLgl_GTz0yH400H99u-xJSI05l2sjPl0p-dG4ZBQAjvXyZ6ngX3nqbDB3FqfAwEvW7VkymPFws1fdd58m5307jtRdZ3XINa_iawLd8thMOzCbX1TGGMB615_z7867LGhJEeqELkh0uYXjKS6xs-CGfanTJtU-IpBRCvxS1Pm-5EtpvoB8DG4QAnGBGKaHkMrrpAbPoMo7OLP9s2YcCGs_kcgW2xFslQ_fu_XZ4rW4vQ-yG22mBh5edd4v4z3s9MM4hr6CnShl3Ym1RSpqlS-BQnKW73Xr6pEks599wLM0FCCNV-HG6iwpFbtxeVIepNxAU9FK4PlnEvzaUYdGIzwADlh-vOvt6Y8njRe9LLl9uJOlo0SR5qalt4LUl0kohrVCXy7y2SkL2I_Usk-yh6kwz1o5RaPfugu17kFgxxrwJG_x-VPBCvgI09ms2aEsGkEIBBI7AC8eF_8pD15tBhiZNJO0VgxiK9huh_nGwwgosNtDb_JBf91tJwlbKUK-GoRCDPc3LbXol_OCk1TKznYYAWAB&cry=1

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

64.233.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f154.1e100.net

Software

cafe /

Resource Hash

cddbc0f8158305055e30aebd2b6b7da9f858967a15d58197e6d8a35ec30292c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21339
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: app15.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXE1pRH3d4z9SQfyt3Tualq7ton8E3368i9psL07nZ-FVH_EtQ&d=CpkBAKAmf-CKqo9LYHemr-BHjPAvlWnmA_IkMH8Zgwms2n58U78QOIzCtCcFtCJozwQ7bWck3HnZVT7YRsOyGKiP86yxuFy0Re6Leh66UCfe17JeFar7yB02R88vBloSG7ZnSyckij2mvpQWTKGXldjw87JBg3kcs12vypj3ZDoTpXi_AZWgezdRcp4MZOf0ABfMm5zY-6ibokg3EtkUAKAmf-AGNPKqnJ6SmXrVRUmkEUFKsdV7ypJOlr7q93Ic6jCxLS3ZB5WyVsTIYWYoX1mOzcxdUXTSftH3gMO3mGg52BbTnkQH7QfP3MjTGu5B0KOQbe1jsLGsaIdXGBZa4BeP7ARWdzCWc-26RArjqcCGfB0WMA1mvuDEt5Ic2RBBzNAXOOlgLfJK4HKiPkbCHmlmL34F09Y_41itLjItBgi1lvudqCwDrL5tF7fKSyJUDdWhgOCoXF7K29sG65b_a6NHTL3FoAFG9iS3d-Bk0J4t2lUsHSJ-cyquXVD-ETf2hvz3VDPXeVWpyrYkC1cwxfobaxmvmmdtNUY6FLLk9VYgnIkNG_T4ku676mgVDLxHmy-tOJQcGYhORB_FWa9HvsrbwVuGlR3ZiGVn2y0bbVU1RMLsLlON8f7GFdAu3sMmnm_zYRMdMF9eOc-StrYhZ-E-KkvIrmlQTOyguAmA2CASFC1aIAn1k3amBG-Z2SUUwgVhBjby1VQe-eZJoQQddzVa4FQIElQ3pPhGcSw0L0RO0IMUcupCdEDdU0PZwQOmFnLXx7QItad7jXD4PV5dDpKbqxfNXgLN94FCq9zjucuM14l7dGVPxMxYyiTgmMg7Jo55Xv5LJioaH6X5uQPXQHBw-IZrTuqMcEplk3Ua-meyA2svNU0u-cF8BSG6grre-Hs_RqaOaFrtuGUUUi8gGQVg_32hZJoAyGxhEk8Hmrl0aD1y0niTtZY7JnjI59-GvguMMyEcTgMR3HInA7M96Snxbvadw6XwS2EphFzzbpuqYVthBpX9J8Kp3Hyx2eNFJ3lGzwuGrkzkzkQluKDfbIrKgzb1rGHvZGZ91StKdqfmn7Yj7eri-up12QtkClT1SfhZ_wpDF79DCuNleQcAD61T2djoLerbuTtyryWasNrT-tQCQXc9CgeC7Mlf_UUR4x5KpP-2zFONxtHVD-jO2W6-0JPdNPnCOf1nk2ubcp8VUzScZAIsLoFT6nTCiQZ9mFyNbJovSjg-F5QZeB_51_1YN9VT0w3cLm6af1ebV947X3HjAIBUxf49QiaYl9bcEm_-dZdkoev6A8u0W-qdH3Mw1zkIUWoltKi2a1p0IvDxmKGZX2ktcCYia2CIxUF22e4XKY1Axp83mrG6YsjSl-eCkJ-GuIHrXsYan757QXlmGqD8LvXDCjJfstNRboLa9ubGNs7DyRRHL2AUmaiHHtnyLemyaFnQqnrDunkKpoHJ6XgG-P7yK3IF8wshdvuetGmszs6TLCEEenPK6OKgNID0VX5fu3RGmSWpEg4DBkyXfXOTFIVt4mWMQoU6UkffuPlouS-969oCa5v1_gEhNBgLASR77DFboEmyGs79M1IUKznKTu9rCS3YUkgPrxTyMWYvK65giouRv3sRYiqZVhkB9-pGXg6sww8IwVyFrCgiy5wwb4kNNI7DXvaMTOh4F9kXHiIvtHgAfkK1L6pXoNp3v03Rctw6inErikh5s8sO4kgo34fdREHBGBJ9C8PFJq_awv6XFobQzRiU0yJtro751jOE6rvcwC38BjV4lLy4AnvD50Q9Ah0-Fpqg234MSgh0GfJMHf3tdQ4Y-rZIL-Hl2-nUBjKgguiLTNI_EMnPr69zso43wvKZBJH895SXpi5kEkelVsOdWLq0Sbz53EJ-kr2fzq9VBLON_cw7SinRYVi3G0yVtG3kdBylss7HF48YmWxGBUIX7ZSY7YURkLGLrnvoZpgZhUlWRQE4UFrEGTghsDL6QJBeAAQAzMZsgNEuRF5ZOF1SwywBNA1IHYeWHCsHLz110Dk2XvuoMNdmAhd1wTcOT3hl0t7xAi8Upia-BtH9sb5RHmOXad4kGrSogSmmmSN05Brb0oHdI5y045xdqujiz_rVAUPlGTknJEnIUj-xf6X9KXdc_XBA1P3tmKURZxdW5YJTaYcNZs3eib58a8aDA7fDTGmA6Tk18Fqm_ZITLg0GcGKhCXIuvC2aV2Yvjzj5C4BiFLXvvVvDxiNSGAje8GanmG-3dXvidkYyzTnSYHiDSQTZEVsfIBAHpVOSgpKefrZD_4hoW3OpDCmBWegyn9qdnsadoHRftEiYkv2uC6Dg1ejnfshokhm3TBJNs_MidWWW04kBhxWur7C96F-KdeSlCUXOZHzUgZ8FYvV3WBxJbxSmy9QlVwIhNzLq4vifUCguMGAYTcltR46yCbUfJMAXNCDPOC_UN3G329za8vTwHD51z7cpLS1QrUv5VcSNXTdCIRUrvEIGQRcT3Y_p8HVW7dNN86oePoEhoHcdaOHxTIwJh60XzqJ8XwAtdfJfZur2nq3s_mA3VNQ2BKwzhY3c8z_Eo2uTU3LfYp_FEWcGokEECNBnOsAibpT549qhWeFh7BzhrzByw4rK5Wt88J7Tki66XGN7cnfjI038wWC_DUw-snlK_ycDwIsQNp9ebXlj4HhJ3-o4hVFzx92zG7kbnsQHLyILE8lmnVcT6Acm-6CHMGh0uZ75WILb8BM0YiApWLLSTI3dIrC31a9IPZUYUEWyQBfvhjRLxNBQ1GW3wpSA5FdNC0BRMmeKa8xWBJ0PGIImQdhi2z92GZ8xMplzZ3WGEecg5CpMjUQ3--vhuLGpxDDyg9QCF1u5OFfJAlL9HbE-znMwPb8Dn1iu3ErWwGhy-XLhV3yfw94tExF10KWRjNOK8T8q9xuNEvSQm-Cb70QgSsTogEhc3hHw5J2IB_BJqXTbIpiU62GuXvPCULc6QgoGzp9u0y7fmVXVjh3Mw97L8sHeCskdn_LaMNQpm2M1pvxYMu4k66R7NGP2acGqMlksVo1tU8I6nZKZYrTXb91v1AXBfiZLU-F7MHkdIvZFy2IakEn1guhqFO56768MQsZqMY4YNEFuebarNOscAP92E3NU-yGbZAbPM2S_M1cBelC-hletLSFBipJlmBs-vWz_nURV-vZ3gsRGk9dNuREPtew7fH8_PNDMvlb_kkP-QoQPO2hd18qOM1g5FKz6q-bjQrXaslHNWmdDWthJbZWyf9i6tM5Kw51rLc1ZyhE7r4SnoD3jLFdGZucWVttHaYcMf0LqlN9AxZVFTW5KLgl_GTz0yH400H99u-xJSI05l2sjPl0p-dG4ZBQAjvXyZ6ngX3nqbDB3FqfAwEvW7VkymPFws1fdd58m5307jtRdZ3XINa_iawLd8thMOzCbX1TGGMB615_z7867LGhJEeqELkh0uYXjKS6xs-CGfanTJtU-IpBRCvxS1Pm-5EtpvoB8DG4QAnGBGKaHkMrrpAbPoMo7OLP9s2YcCGs_kcgW2xFslQ_fu_XZ4rW4vQ-yG22mBh5edd4v4z3s9MM4hr6CnShl3Ym1RSpqlS-BQnKW73Xr6pEks599wLM0FCCNV-HG6iwpFbtxeVIepNxAU9FK4PlnEvzaUYdGIzwADlh-vOvt6Y8njRe9LLl9uJOlo0SR5qalt4LUl0kohrVCXy7y2SkL2I_Usk-yh6kwz1o5RaPfugu17kFgxxrwJG_x-VPBCvgI09ms2aEsGkEIBBI7AC8eF_8pD15tBhiZNJO0VgxiK9huh_nGwwgosNtDb_JBf91tJwlbKUK-GoRCDPc3LbXol_OCk1TKznYYAWAB&cry=1
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 42F4 91 KB
92 KB 139ms
46ms Script
application/javascript 2600:9000:26da:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 20:43:31 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 15972420
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: CTzuBwvYLNV9_CeHeJRK9fhXpgcnB_lXhL2DOI1Nh521wS_gfh5hkw==

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6774 41 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 83F1
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDna9TVjniRrnoXpY6Y5Jeg&google_cver=1&google_push=AXcoOmSyf3_lwmrnM2xu9Ebj6yDYri0d6ciqkwF8lTdWAg5jL_o_IiishMVMnvXkbCLrj-j7N8ir128Dx96x-4y0hbmXqOVQvfk
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzMwNzc5Njk2Njg3MzY1NDI2MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDna9TVjniRrnoXpY6Y5Jeg&google_cver=1

43 B
398 B

49ms
48ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDna9TVjniRrnoXpY6Y5Jeg&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 29 Jan 2024 17:30:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDna9TVjniRrnoXpY6Y5Jeg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 83F1 43 B
235 B 44ms
43ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHCMVlgEjTo8nn51RXKQf3Q&google_cver=1&google_push=AXcoOmQRDbEAPIZTgSdcz67oourYe7xpU6O803HV_k_Z-Ks99rGjVmWoFXQHxxKY4t0YQXJ5f-aq2ayPXEuPyUm73R04fDASvsqv
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 dds
rtb.openx.net/sync/ Frame 83F1 43 B
236 B 138ms
50ms Image
image/gif 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEXCW3m4SK8WeEQ7VGTKt30&google_cver=1&google_push=AXcoOmQwS0Iz3y-U56rmVX8N5DnqCK50esunp8mClO6nB1f1m3Cxry0dlVJ2ub7QihdxEBhCp5sEkcpyJ9NSZ6spln1TLJMk7kmo
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 us
sync.go.sonobi.com/ Frame 83F1 0
401 B 417ms
128ms Image
text/plain 2607:f350:3:2569:0:10:0:200d
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAXcoOmRlbSVOI3FWqe5OkVhSuFqqedCeWwqRpJNasvdCCHGkDF8NHflg7Vqa1TRjL2nQvWSDWRJe6Ok-M1SDBHgdYWstPmBuTV8%26google_hm%3D%5BUID%5D&google_gid=CAESELUh45G4nHdqVcfNZxqNgUI&google_cver=1

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f350:3:2569:0:10:0:200d , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: sonobi-go
vary: negotiate,Accept-Encoding
x-go-server: go-iad-2-5-138
content-type: text/plain; charset=utf8
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store, private
tcn: Choice
content-length: 0
x-xss-protection: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 83F1 0
44 B 62ms
39ms Image
text/plain 89.149.192.76
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEL-CyU1kGFxBH9870TyXFF4&google_cver=1&google_push=AXcoOmQjHXxYpi1ydhAoEn-1BF-Q6fR-i_PMWUA-dkKnRvK02EpJCh65KiAgeqmVgMIOln08Di3kGdjLr2_v6a5jfvKMNMSdOMQf
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.192.76 Bunschoten, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:29 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 83F1
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEKJtHfrVKDdwf2da3SGI0ks&google_cver=1&google_push=AXcoOmQikOpNiQ9iy...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODg4OTQ3MTkxMTkzMDQ1NDM2OQ%3D%3D&google_gid=CAESEKJtHfrVKDdwf2da3SGI0ks&google_cver=1&google_push=AXcoOmQikOpNiQ9iyJeY260M2XLlkoopB0...

170 B
188 B

50ms
50ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODg4OTQ3MTkxMTkzMDQ1NDM2OQ%3D%3D&google_gid=CAESEKJtHfrVKDdwf2da3SGI0ks&google_cver=1&google_push=AXcoOmQikOpNiQ9iyJeY260M2XLlkoopB0wPaiyUMf5XvwemIBQ1uFoNsSOwRV_4qE055eKt2iWd94-o-6dY_3vRUAPyvU-WU8Tn

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
an-x-request-uuid: 8318f4f0-2d7e-4e86-80f9-922bdd6b9113
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=ODg4OTQ3MTkxMTkzMDQ1NDM2OQ%3D%3D&google_gid=CAESEKJtHfrVKDdwf2da3SGI0ks&google_cver=1&google_push=AXcoOmQikOpNiQ9iyJeY260M2XLlkoopB0wPaiyUMf5XvwemIBQ1uFoNsSOwRV_4qE055eKt2iWd94-o-6dY_3vRUAPyvU-WU8Tn
x-proxy-origin: 80.255.7.103; 80.255.7.103; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 83F1
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=394b6b2a-44a1-48f2-9c45-590959337794&google_cver=1&google_gid=CAESEKxHoh2i4KsuTTwdEq064nk&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

51ms
51ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=394b6b2a-44a1-48f2-9c45-590959337794&google_cver=1&google_gid=CAESEKxHoh2i4KsuTTwdEq064nk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT1K0_u-48T3T3pfvOFemKGpMqRsNp_6xVBCQ5v6MAYfKJE3dwYrZ1IhxQHfGR71vNrQhyh9B0nYZ398CgHO7aTFGI5x_dezg&gdpr=${GDPR}

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=394b6b2a-44a1-48f2-9c45-590959337794&google_cver=1&google_gid=CAESEKxHoh2i4KsuTTwdEq064nk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT1K0_u-48T3T3pfvOFemKGpMqRsNp_6xVBCQ5v6MAYfKJE3dwYrZ1IhxQHfGR71vNrQhyh9B0nYZ398CgHO7aTFGI5x_dezg&gdpr=${GDPR}
date: Mon, 29 Jan 2024 17:30:30 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 83F1 0
12 B 49ms
48ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KeNUmMdZm65pIeoGbO0NBBd9Y74gvKIGLjT184Uj-uEj3VmOuqZqM9DW3CUb2CiSii5RtQdCw

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:30 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame CEA6
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1525518/72172419/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-Au_pS2S7MBI0Kp_EeXTAsumq8GFitrGRKJY2NJKIlpaYfH4C301xT...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-Au_pS2S7MBI0Kp_EeXTAsumq8GFitrGRKJY2NJKIlpaYfH4C301xT1GbDVqjvGiBlow_m5QmN3lzcK8...

53 KB
21 KB

176ms
71ms

Script
text/javascript

64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-Au_pS2S7MBI0Kp_EeXTAsumq8GFitrGRKJY2NJKIlpaYfH4C301xT1GbDVqjvGiBlow_m5QmN3lzcK84afd_5UBIMT9hjelfG2jdz71IHCUnRMBQcAMXrmryoyNDhzgV6wMyiZdXLwiUTtyiG0S0NmDITeXXR6IhgAK4L-O1s65nN_KlTJ56EvkhJFh3sjgKRECeweEskUAKAmf-BOWPPBk_LSgKJLoYCFM3f4nOGV8elU_-9Eo3HJWugPaFd_CCdtUYnhI5wyCDZvPzQJ4oy6HKyJJhlDKQfFnBL1GQhEohM5fvI3V1OtHDt7jrWo4YdON1zoasqRYwlEVAx6x4XeWrZtO5cSqdpP6gnrmRCIjg_cfPnYRF5cB1r5_BJ9UoZbLk6m_dpiXQLjHndhgGHOgPIZ_HFBIhi4xvMUjHjmw9_LCJLPBaOlvOcKQq2Ka0ooRG36oXHKuHH26iaOUFvIM0E9UPtjw3UllflSshMeZtQ6Sl7NjgnEpSewqHWCCZK29vVp8iLx_BGmnFK3XQRORoV29luCwsTNgvz8dhWBmB4YB3_3BODsttnuk9VgVtNopyk7VDJVYdncsTn4SF-eCZATtQl_uhvu_JefqdfYEfWWWY5KZL8yVZA_mwLYeJewao7rqa5iixXR0WvZslcvfF6qDz3LZLQmpwMPWl0Lbc00CL3Ut4laD-iAykd20ix20kVbHNc3UYmqjC_yVuO0CQMIWpk-SjpLbaaa7_B_HbtlMjVwK8zeHx7nUVKFtgopJw8K8jbZWPJq7bcpL2ZBn-GJ_4mdFTQUEFfwZXPoZmQzbndmthuxj2p1vwnJOxpC8WkVf6w5y5f9iYnkStbNH-EYkDOJZ97KqTn38VOxmWH1zkfWnjSbeiU1CnehnWe1vs5YYGmJxTRcBVSXtnnhdwdC8uUnlcnIQ27CSuxHUmhuMXe2ybuVdP83r2-wmEO0WFzaFBSF_EhtWFEw3JlE6MLrsJdFAIjOklw2D3bRHpaKRVfRMw4_fFcHSl6Lbm2e5mkWPJ3_Jwv82XTKb7G9IVSL6tgKhYNpE2ggJ9s5iZg1SAOQji2A7ffnemfDuTAzPqZiF97otEY7KvC4yo86Jt9oeV36qC3ptJOyUtI7Z9nLq30pyRH429WTYWnWxyW7iuT_ken9pl5p9bPwgyf6J3WX6SnGmbUlmKL8b3HnnY4VRHtG0Zuo5_RPxF5cUsFFl3iGrXnL5Z-ksXzn5cSOQEd04yQmySglS-2jzPgMizpW5xY30EuFiZyGubLE_CGEmE9zBa0n3gOvN7I_0F2XrJ9hg-dfa0uNPzIiggLhfh1kPktdAZXCzipjpz_LrabtRs3r6jmbJut1jbNBxgLAMk90zai2QyDbESBSr3tJTl6-aEzZdE9ZzLKqO3xjYyn27sFOKVMRijd9soXmnn1vFDNsF48isajA5lR05LEYb34y0rfejtuKs1egdIIkp-f2rbPVmeVF37mZuzihF2VoLoJknjOZo2A95SQaKOWfdSfjYmz0bmRdNN2f3m_DWJkopClq1_3kVKJVNTSnWz0LlgdoJVRDOXYeDSGzw5nRbG9-ZySiA1sHe5Mo78chaeUwxkiBK2Fz1Ak_2dOW-GR_U0Q2keor0AmMb15dG2gfXBdYGU0dWVDsEcCgp3Aj4hqzxH1j0z6XZlir0oqNonDLfzWycNuaXHcoQJDDQw_WNlgSiM8uxkgbrixPpb3HsGne7sWHkHZ_xisCNelJlxSkfm3R4sF9VfY7OeM9nTjxlXrQEdFPU8RDS_eRcaDvcuh0O4nSgmlktodMef7fb0uJQn-qng33vLp3NwSq8aihz4_byDO10wDEUXiYLhbi1LGpDZWJbG-aJljmA45Be8R0rujZJcmEPr_9msrNGBndnkvDsWjS8qhQE1fe0-tMz0seUOqNGg5_hRO8JuQPcz-zQDG53eVtyM0yDyHjBUkl8sIevZBRCQeGAeMTlaJxrf_eO6PWYyfbbvHWHrn2awqVOvFYEt28BkdlKxib0VSFQ4g_Fpude4NtNlMnyiUbfOGCMqvxRhREM-qtbbwJOZig_u11020BNmhLWvwPuh9pJMEmbJHsH6Wd0KLKU6I_QIH85mFYuWri86SC7fyOYhSB4CfISYp3v6x_TALwiv6pb62Sxvxwzpyvt5Fl9KuoORUVsE2wpCbkEUNEI7ZARrXFO70BgP6-cQtsnXlk6p1mTci23nEYKzWOY2ESFsQLRdHDmc-NcgTxPZR0cBx8owzG45REg70koMJe9m-C8blaPeRUNHZlbd3bCvV7hh-O9euq3SDvI0CWI1tnNyNKGo2PgsWW_PIKev2j2kHkix5OjAG3sSadZ5yHNO-OOaLC1rXZsKaxwPs3yYa157cDNr3AmL3lLOPw3pIS2hp8cZzLwx1MLs3J5T4aZCromuPlA9-LeMb2dqliDFLxzsVwoKLM9oAL48pH0cT6-71-LBCucrThfie5GuM8hRDv69TkwM0vFQ9fn5fVjyeuk1NQw1qORDEYy61-3WETqA9EcugzzApNwceraWNY8FU_RiTHh2mWJxXksrxwDIJTFm8RKLUQgEQKEFIAZngb0IMEHqqeYBjt4JDg79OjOIk1rxThy2ikP28PbhFnE5DYXbWvd6tT3nR5VO5gBWqScMPOYdOb3lsnsEXwoU7Ya-32cwq5nNtRb2OigrIhFUHfuvWzX5kHYlEO9OcfrBa-zACPXHMNSqABCi3AMdpxdrvnGoq3FLDvdjMCqxyhNUvTQok26_VP1xZZMsSefotnO760yXE_kjrRujNeTt8fGV-PRM8o2QXOSonKVX4kJVMOx-On1O5qh1K6TCib0FL6OnY2Tp5LNssNU-IPYLuWihzeUoT1SeczNlTf5QALFelWH17uRTd4Q46FiIlHu0zF9UD7dzBZM60OWixLpDX8RoWdJsnfnrl9Ls52cBnKYrmzQoCABcXjCYiRmZFSD_hR2wpkh-YJ_7m5wcG2tHCBT_y9ArCfdoBANOyZ0_ZdATiKjOEiOTjYuEWY1_0cYtzp_XtcItldaNns-eqcsMxb7whXvLhj0AyXMNJ2bkxCMgVOgHty-Zuto7WEhDI_P_jnKzdQX5rD0ma9FqPiaU4rZEOdJabT4UZjNP-eGelpP6_0brume23aPezv-_qWfvaW608N2ZfY8KZGiZD6STeMGd8yFBym5HDFOCoDf67E2VCRQHN-3PcJn4v44hUxLK6k4ZiBh5YHQ_MjlAmytiOm_N2EmFb_pqQSZ3HBeSlSnEtoNZXYg5nuh1R0Talu_BWrNKGuw9RfGAjdjhrUgN7upgNTk2YcaeGggTsRMUWeq-S9-waq8yg2E7MtUxpgl5ci-J5s_BFkdjHla4fTVkgZGsKDrg7oSJ0ZC0wAX9rBVPMKx3R8dGJQkS3KDWB4ly3RUBc9JlGxAZ2sQzAp9uoe0sdTshOpRwv60O8zCM4hc90l97xJppkDc-U3dKHrs9VIZHlYt7529nZIUgzeHNRTSFP-f_pv2jZdI1-YP2u65Z_yKxG0Nd_sJl90L5bCE75yfyQWuAEB6NJMeGi5qLo4uITpwaLEYttX7m-X5BSH40-mew4lF1CWrOrF2uRBQ382zuSeF0tHMup0gnVHS1XE6fCso4etzjY1orTHi2UdfKJnjimmuuwykmm_UUD9GHlUGgltDloSqriWgOkU_bHBs8jLuegZ8FEaQQgEEjsALx4X_ykPXm0GGJk0k7RWDGIr2G6H-cbDCCiw20Nv8kF_3W0nCVspQr4ahEIM9zctteiX84KTVMrOdhgBYAE&cry=1

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

64.233.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f154.1e100.net

Software

cafe /

Resource Hash

385d76692e394f6514bbf5b817e494ed5383e556035baeb83842e770c25930bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21338
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-Au_pS2S7MBI0Kp_EeXTAsumq8GFitrGRKJY2NJKIlpaYfH4C301xT1GbDVqjvGiBlow_m5QmN3lzcK84afd_5UBIMT9hjelfG2jdz71IHCUnRMBQcAMXrmryoyNDhzgV6wMyiZdXLwiUTtyiG0S0NmDITeXXR6IhgAK4L-O1s65nN_KlTJ56EvkhJFh3sjgKRECeweEskUAKAmf-BOWPPBk_LSgKJLoYCFM3f4nOGV8elU_-9Eo3HJWugPaFd_CCdtUYnhI5wyCDZvPzQJ4oy6HKyJJhlDKQfFnBL1GQhEohM5fvI3V1OtHDt7jrWo4YdON1zoasqRYwlEVAx6x4XeWrZtO5cSqdpP6gnrmRCIjg_cfPnYRF5cB1r5_BJ9UoZbLk6m_dpiXQLjHndhgGHOgPIZ_HFBIhi4xvMUjHjmw9_LCJLPBaOlvOcKQq2Ka0ooRG36oXHKuHH26iaOUFvIM0E9UPtjw3UllflSshMeZtQ6Sl7NjgnEpSewqHWCCZK29vVp8iLx_BGmnFK3XQRORoV29luCwsTNgvz8dhWBmB4YB3_3BODsttnuk9VgVtNopyk7VDJVYdncsTn4SF-eCZATtQl_uhvu_JefqdfYEfWWWY5KZL8yVZA_mwLYeJewao7rqa5iixXR0WvZslcvfF6qDz3LZLQmpwMPWl0Lbc00CL3Ut4laD-iAykd20ix20kVbHNc3UYmqjC_yVuO0CQMIWpk-SjpLbaaa7_B_HbtlMjVwK8zeHx7nUVKFtgopJw8K8jbZWPJq7bcpL2ZBn-GJ_4mdFTQUEFfwZXPoZmQzbndmthuxj2p1vwnJOxpC8WkVf6w5y5f9iYnkStbNH-EYkDOJZ97KqTn38VOxmWH1zkfWnjSbeiU1CnehnWe1vs5YYGmJxTRcBVSXtnnhdwdC8uUnlcnIQ27CSuxHUmhuMXe2ybuVdP83r2-wmEO0WFzaFBSF_EhtWFEw3JlE6MLrsJdFAIjOklw2D3bRHpaKRVfRMw4_fFcHSl6Lbm2e5mkWPJ3_Jwv82XTKb7G9IVSL6tgKhYNpE2ggJ9s5iZg1SAOQji2A7ffnemfDuTAzPqZiF97otEY7KvC4yo86Jt9oeV36qC3ptJOyUtI7Z9nLq30pyRH429WTYWnWxyW7iuT_ken9pl5p9bPwgyf6J3WX6SnGmbUlmKL8b3HnnY4VRHtG0Zuo5_RPxF5cUsFFl3iGrXnL5Z-ksXzn5cSOQEd04yQmySglS-2jzPgMizpW5xY30EuFiZyGubLE_CGEmE9zBa0n3gOvN7I_0F2XrJ9hg-dfa0uNPzIiggLhfh1kPktdAZXCzipjpz_LrabtRs3r6jmbJut1jbNBxgLAMk90zai2QyDbESBSr3tJTl6-aEzZdE9ZzLKqO3xjYyn27sFOKVMRijd9soXmnn1vFDNsF48isajA5lR05LEYb34y0rfejtuKs1egdIIkp-f2rbPVmeVF37mZuzihF2VoLoJknjOZo2A95SQaKOWfdSfjYmz0bmRdNN2f3m_DWJkopClq1_3kVKJVNTSnWz0LlgdoJVRDOXYeDSGzw5nRbG9-ZySiA1sHe5Mo78chaeUwxkiBK2Fz1Ak_2dOW-GR_U0Q2keor0AmMb15dG2gfXBdYGU0dWVDsEcCgp3Aj4hqzxH1j0z6XZlir0oqNonDLfzWycNuaXHcoQJDDQw_WNlgSiM8uxkgbrixPpb3HsGne7sWHkHZ_xisCNelJlxSkfm3R4sF9VfY7OeM9nTjxlXrQEdFPU8RDS_eRcaDvcuh0O4nSgmlktodMef7fb0uJQn-qng33vLp3NwSq8aihz4_byDO10wDEUXiYLhbi1LGpDZWJbG-aJljmA45Be8R0rujZJcmEPr_9msrNGBndnkvDsWjS8qhQE1fe0-tMz0seUOqNGg5_hRO8JuQPcz-zQDG53eVtyM0yDyHjBUkl8sIevZBRCQeGAeMTlaJxrf_eO6PWYyfbbvHWHrn2awqVOvFYEt28BkdlKxib0VSFQ4g_Fpude4NtNlMnyiUbfOGCMqvxRhREM-qtbbwJOZig_u11020BNmhLWvwPuh9pJMEmbJHsH6Wd0KLKU6I_QIH85mFYuWri86SC7fyOYhSB4CfISYp3v6x_TALwiv6pb62Sxvxwzpyvt5Fl9KuoORUVsE2wpCbkEUNEI7ZARrXFO70BgP6-cQtsnXlk6p1mTci23nEYKzWOY2ESFsQLRdHDmc-NcgTxPZR0cBx8owzG45REg70koMJe9m-C8blaPeRUNHZlbd3bCvV7hh-O9euq3SDvI0CWI1tnNyNKGo2PgsWW_PIKev2j2kHkix5OjAG3sSadZ5yHNO-OOaLC1rXZsKaxwPs3yYa157cDNr3AmL3lLOPw3pIS2hp8cZzLwx1MLs3J5T4aZCromuPlA9-LeMb2dqliDFLxzsVwoKLM9oAL48pH0cT6-71-LBCucrThfie5GuM8hRDv69TkwM0vFQ9fn5fVjyeuk1NQw1qORDEYy61-3WETqA9EcugzzApNwceraWNY8FU_RiTHh2mWJxXksrxwDIJTFm8RKLUQgEQKEFIAZngb0IMEHqqeYBjt4JDg79OjOIk1rxThy2ikP28PbhFnE5DYXbWvd6tT3nR5VO5gBWqScMPOYdOb3lsnsEXwoU7Ya-32cwq5nNtRb2OigrIhFUHfuvWzX5kHYlEO9OcfrBa-zACPXHMNSqABCi3AMdpxdrvnGoq3FLDvdjMCqxyhNUvTQok26_VP1xZZMsSefotnO760yXE_kjrRujNeTt8fGV-PRM8o2QXOSonKVX4kJVMOx-On1O5qh1K6TCib0FL6OnY2Tp5LNssNU-IPYLuWihzeUoT1SeczNlTf5QALFelWH17uRTd4Q46FiIlHu0zF9UD7dzBZM60OWixLpDX8RoWdJsnfnrl9Ls52cBnKYrmzQoCABcXjCYiRmZFSD_hR2wpkh-YJ_7m5wcG2tHCBT_y9ArCfdoBANOyZ0_ZdATiKjOEiOTjYuEWY1_0cYtzp_XtcItldaNns-eqcsMxb7whXvLhj0AyXMNJ2bkxCMgVOgHty-Zuto7WEhDI_P_jnKzdQX5rD0ma9FqPiaU4rZEOdJabT4UZjNP-eGelpP6_0brume23aPezv-_qWfvaW608N2ZfY8KZGiZD6STeMGd8yFBym5HDFOCoDf67E2VCRQHN-3PcJn4v44hUxLK6k4ZiBh5YHQ_MjlAmytiOm_N2EmFb_pqQSZ3HBeSlSnEtoNZXYg5nuh1R0Talu_BWrNKGuw9RfGAjdjhrUgN7upgNTk2YcaeGggTsRMUWeq-S9-waq8yg2E7MtUxpgl5ci-J5s_BFkdjHla4fTVkgZGsKDrg7oSJ0ZC0wAX9rBVPMKx3R8dGJQkS3KDWB4ly3RUBc9JlGxAZ2sQzAp9uoe0sdTshOpRwv60O8zCM4hc90l97xJppkDc-U3dKHrs9VIZHlYt7529nZIUgzeHNRTSFP-f_pv2jZdI1-YP2u65Z_yKxG0Nd_sJl90L5bCE75yfyQWuAEB6NJMeGi5qLo4uITpwaLEYttX7m-X5BSH40-mew4lF1CWrOrF2uRBQ382zuSeF0tHMup0gnVHS1XE6fCso4etzjY1orTHi2UdfKJnjimmuuwykmm_UUD9GHlUGgltDloSqriWgOkU_bHBs8jLuegZ8FEaQQgEEjsALx4X_ykPXm0GGJk0k7RWDGIr2G6H-cbDCCiw20Nv8kF_3W0nCVspQr4ahEIM9zctteiX84KTVMrOdhgBYAE&cry=1
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 3F28 91 KB
92 KB 167ms
121ms Script
application/javascript 2600:9000:26da:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 20:43:31 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 15972420
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: EDt5of59iH1fpSN1Wl4_DKwKIAToW-AWoKNKBcz5IAZSZrHe3ANg6Q==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 614E 43 B
215 B 378ms
120ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=6c71c6ca-22c3-7789-a301-ec12c395d789&tv=%7Bc:2IehXM,pingTime:-3,time:120,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:120,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B115~0%5D,as:%5B115~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C191%7C1a*.1525518-72172425%7C1a1%7C1b11%7C1b12%7C1c%7C1d,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us,siq:15%7D&br=c
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 614E 43 B
215 B 486ms
233ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=6c71c6ca-22c3-7789-a301-ec12c395d789&tv=%7Bc:2IehXN,pingTime:-6,time:121,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:121,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B116~0%5D,as:%5B116~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C171%7C181%7C191%7C1a*.1525518-72172425%7C1a1%7C1b11%7C1b12%7C1c%7C1d,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us,siq:15%7D&tpiLookup=ao:randomgenerate.io*&br=c
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 6774
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1525518/72172419/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-CHnW4tRvN7xrlrsJWzW5o_9lyYQVWwzt6ZWZRLsqkkGE42KH8l0Fv...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-CHnW4tRvN7xrlrsJWzW5o_9lyYQVWwzt6ZWZRLsqkkGE42KH8l0FvPdqvwEL_owQD8z8ahMbyXEevFx...

53 KB
21 KB

193ms
149ms

Script
text/javascript

64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-CHnW4tRvN7xrlrsJWzW5o_9lyYQVWwzt6ZWZRLsqkkGE42KH8l0FvPdqvwEL_owQD8z8ahMbyXEevFxYeiuJH_OEXp14GYAcl7VN3Y1ueb1BElDKS2J591-Wd91apaMe1dTVUBcHBmgaa5l67kETvyofQGb63cfXs4EeRMrkU9fEpSbm4metaH8b9tI5jdFQZWy_buEtkUAKAmf-A40QHaEsHyRFmCKAIDVuEGZ-z_20v7sKqd4k3Bvd_PclE21c8RMKf6_tV3v_jPoCHAGBMULuAsKoQehcPq5RzFUseWlh1eS4cUDaH3lEno4PQjzthOXq7jPisCm4alcet_CmnD_BfYceJGPDjgPNYsWulEY9Bc57m3hMxxlZIokNJbhautg6dW1xmp6IQN7Dznkt0bn5KhwiVd_FboSJROBuvqAckRql1OijZG29s5o81fX8hmM8pferHag5KK5zra1pLN6hNiO4ynShVWj8pPkm8pIluHPyP3WFW9gZqszKQqOr3IBVofLeFNsGx2TbEUsF-eIptwa-pdP8PSW4YzdKsH6XsfRMuQvsJELNt33F3Eh8vkfq495P6eui71fwuJ79EfMMDW9rOXB7kmxSQY7VGtQqkSvro4TOwwtKoK-zrIvDSPxiLqPZ_O29sSMVUM8FPrQotVqPCdG8bgxl8LxR2FN3USVYZrmyQjqUzeN-P49TAlycWislB0CQhiqdxHrNn0EiptBJkgFG2Lh-j4VwtjlN6VhYUFVAHby9x6m4Kt_a4sykySdS4A_lCJuZW6vyxjYohzdd6pbl6NuHBCfUJWdacXp5b90ly3PUHG2RDPL7-5LcVte9sFXyymwuded8ceextKucmKmAAfc1iIK_pQMWMBt6dONoSEg2WshXWFZvi-bcu9F3_fWQABFY7hl4rAzo2g5p0jU7h35yh-7kyEHeIuLaqtPcQ3OFlAnx4NKdf0YSAgbQVJ2J4iU6bTrLZVf9iY48Ry4iyRaugbMqIH4EEVpKOscvtDqz5QfjopSu27XbqCorSNmBjwo-GGKHiohdl2EZgXdArB7og6UMeAtIcF-R59kJPcY4ZB0CXCwZ5ifIUyOedTaN22s4YYivKfqtvF3R3sxkZNSejbEIGc3dbXgLoASXwkO2zA7gjJDkyZl97ZTqWZL9SuwmIjDPKX0PkTCAGIZwergOML1uY6MC3xjiD_z2tKrmp_kbIfyZfGF_tVPoGYQWZn4ER39iPD_WsIogSonFFo-0tZqwVMIbLpP4DwPnDrOlHaF0mZsHwqBtOkDWvP8bzyHPWSKikSa2-iAYR1sA1U1fLARj_KmaZ0sFOZPakahGw9CdRqsxGZywXdO954IL0Rr2ue554I0TIpsSrrg_oSchQ9Ur0u-_wbCcmQXcWhxhbhbAWtc4jZzZQi_CKC9zncq1LGQcUwL9axz262a7IFC3ZmrL4EA4t71y4-JuKgCDPZXr8dqAhhKp0-6QtxLCk6RCRLgtqzzdWc7XDR57-FLy0jYNNxwj3RSMZsQ6UT-OHg7Pp1F6cAde2ReQ3Zkotf-20gViqUeYDRXsVcuNZwrwXrqY14hjP21GgJb2Ny5dXGjXhYI7ZnY5TIvniioW6H3c0q8qCCHsBKFujy_V-fRJ16ipD5EK8PjSD-cHPphdsVl0vdmmhbb1dVNNaJKmb4HkmL-E6jQ3UV1ETXjWikhCn_jetgYh102dqeSyLD5v8LG1UKRSp6JnAPE3sq8Whgo32iechi9SLvayVlzEupPXSakwhZNZqsKuEylP4A0dbcpTyXfHT5l929_TwS0xZN_tRewYDE2hlLTwAcP4ygsq_o_mP9LWXCMkFdA8mcytySc1sZ39ymW3Yh3j-lriLe2enlfogXZDwZnMfo_d6Uph8_z9Q2HC2rhNoj8RoweIktThVapIcRSpEqq4gStUOkZyYuJ1xks6kOeCrh6hn7-JqZzA-lzdlUqkbNlZUyJZEH3Ao1xu4B6bu3qDj3aGcaYio9EKi1-WfQOu9DAfsgKYFWHVrv7Np_CO78ub5wqEgsX-8F5pCkydYGwL7FA3jFRDIk4r8C8cpfE9CFfOhcvlzv562zPpKyMZUxjUHr7s2FBIz94U_lYd94mYp0Hu1TIUUZMfF9WTTVyCZZzQ3dGLiYPu5lAyc8JEdC1SCq4Z-YDXtjhEA_t8Gz568hYRoDnrUqcet6O6cfbaYn61xvQYJrfBllrc_SU61HJLvWFO8mx-ZybeVPc8FvqrNnq3jJoRzIMB4WDfH3I92nVdycamZsf2O571RHc8N8it7AYIx4Jpc6m0xBJb79ogZ4gpAvcQbcZUA0bbx94YhLLViYe_UoGqxW-8P8fDEPew-GW2Tsq-TXhZ77YPaydn8CGTfiTiho2TweAMH_K24HDRuq-5Mpxl_HnHCc0nSWXWxqMarLKTsrAdf_ECeMVfRV0n5qhIy53cvfLbQLGoyopP7FZjhbfVJahOJHVv4hANTsxNdTQCJYn6Q0St7DJrUunCcbmxKH4FatxsEbV9ni2Bj2ksC1hz4i60krKylvy-NvRJycGtySN8E8BxPgKZ74URctGkVQcAQVo_TCYaZOSdiKKC-jmuTV2wBzJZcM_l_4f3_6qKvrvZNy1TMxOXhTiVXqfq9YsOoI0eOVAUtuj929TDG3B3BsXgtpfCqA1VHS8LmLuN5iOzmeVil_AXwi5FyNtnZax8ysLX6wEsQ9b6s38myOa5WgALlSBdGKiHSxSj_qwqSUvkvg3S2DQl1qRFeAoJhm4P5-Yc7seqhxgpBsC4_gihfKMtams6ucs5o0JQyut1e-Yiyo-7QSrz1gQL0VlQN81tvPf0_butGiHL7DK_PEmlc_b30d8-hpISsxusR46UypCpKeqlqW39kpsqBM4Eqw-JfbYyA7QxQAwjLQau56vs01FO3b8Gvw3q_OhXZ9DARq1LkBc3-moIzqNmH5Qk5FxAGUDzZMZWXGECQSbu6jbIU5kBH1QYWNkoXINoEllbBve-j_MlNtL3O1MlhLvgVaD3v-6qaSNf5JrBzHJfO1-CPrNiIOe3TPebfJ5vqqWgu9XSKd17o7I8DWkUVWMiWCAipjbY8-QtSum6sX0-GFdLzjWPmep3KCVAYQgd1DLE5tbIpdX-bMJprhGCAJOm9Qu1AXZIbUR3YqFIg3_FRhEtPXYCnF3RYrDWHz8ihiT1FMhqW-Ks--mZPLIHWUNKld1W7HCk_BMJ2KwRytL2PZtDFlJVYT9HxHn9uPtapq3inlMaQisgjFNHxewJmVBaBRAQKniVF8dnBs1uIBafYZwSQrbYkguE0hnnoHOjZzu5Rv0Db_3Spxv36R7c0YZStrYof2mER_WmZn7VJ2WkDCry3tJX3XPii162xUu79fZ-w3gDYnUGW89NfNpWEfQqlCEJdMYeF2Kyn4KqDclmvqHyjpAWEQQDAOK5qoZpxi5ddkEYaQH2fhLlJAYs6MLIs0jVBtV4SCLT2iNnGUBP7dho8255gfIgr-TImhCp0CteTGea2VIMnRlriqOli17SKSm-90sf9wV4qVyIp1PtdISdd4LFW9EJznQ7BGhCpaOJ6reQlpYzGgj2fctDn4vJZS4tnIen8X-pl7bnxVnEVwrXQkYRdKB8D-buodRoNVDrja-2OiXnrazNB0K-l9l7zsk2nmy79Kou0WzNYzox7GG4E0-2Fb51MKm7G0tG1av4vgDlXm5T_BZ8GKf8h858C5sGR0GkEIBBI7AC8eF_8pD15tBhiZNJO0VgxiK9huh_nGwwgosNtDb_JBf91tJwlbKUK-GoRCDPc3LbXol_OCk1TKznYYAWAB&cry=1

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

64.233.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f154.1e100.net

Software

cafe /

Resource Hash

927a6fc98c863add37e1dcf9ab6abfc08b2c42cf2a606766095dec11d1085c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21349
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-CHnW4tRvN7xrlrsJWzW5o_9lyYQVWwzt6ZWZRLsqkkGE42KH8l0FvPdqvwEL_owQD8z8ahMbyXEevFxYeiuJH_OEXp14GYAcl7VN3Y1ueb1BElDKS2J591-Wd91apaMe1dTVUBcHBmgaa5l67kETvyofQGb63cfXs4EeRMrkU9fEpSbm4metaH8b9tI5jdFQZWy_buEtkUAKAmf-A40QHaEsHyRFmCKAIDVuEGZ-z_20v7sKqd4k3Bvd_PclE21c8RMKf6_tV3v_jPoCHAGBMULuAsKoQehcPq5RzFUseWlh1eS4cUDaH3lEno4PQjzthOXq7jPisCm4alcet_CmnD_BfYceJGPDjgPNYsWulEY9Bc57m3hMxxlZIokNJbhautg6dW1xmp6IQN7Dznkt0bn5KhwiVd_FboSJROBuvqAckRql1OijZG29s5o81fX8hmM8pferHag5KK5zra1pLN6hNiO4ynShVWj8pPkm8pIluHPyP3WFW9gZqszKQqOr3IBVofLeFNsGx2TbEUsF-eIptwa-pdP8PSW4YzdKsH6XsfRMuQvsJELNt33F3Eh8vkfq495P6eui71fwuJ79EfMMDW9rOXB7kmxSQY7VGtQqkSvro4TOwwtKoK-zrIvDSPxiLqPZ_O29sSMVUM8FPrQotVqPCdG8bgxl8LxR2FN3USVYZrmyQjqUzeN-P49TAlycWislB0CQhiqdxHrNn0EiptBJkgFG2Lh-j4VwtjlN6VhYUFVAHby9x6m4Kt_a4sykySdS4A_lCJuZW6vyxjYohzdd6pbl6NuHBCfUJWdacXp5b90ly3PUHG2RDPL7-5LcVte9sFXyymwuded8ceextKucmKmAAfc1iIK_pQMWMBt6dONoSEg2WshXWFZvi-bcu9F3_fWQABFY7hl4rAzo2g5p0jU7h35yh-7kyEHeIuLaqtPcQ3OFlAnx4NKdf0YSAgbQVJ2J4iU6bTrLZVf9iY48Ry4iyRaugbMqIH4EEVpKOscvtDqz5QfjopSu27XbqCorSNmBjwo-GGKHiohdl2EZgXdArB7og6UMeAtIcF-R59kJPcY4ZB0CXCwZ5ifIUyOedTaN22s4YYivKfqtvF3R3sxkZNSejbEIGc3dbXgLoASXwkO2zA7gjJDkyZl97ZTqWZL9SuwmIjDPKX0PkTCAGIZwergOML1uY6MC3xjiD_z2tKrmp_kbIfyZfGF_tVPoGYQWZn4ER39iPD_WsIogSonFFo-0tZqwVMIbLpP4DwPnDrOlHaF0mZsHwqBtOkDWvP8bzyHPWSKikSa2-iAYR1sA1U1fLARj_KmaZ0sFOZPakahGw9CdRqsxGZywXdO954IL0Rr2ue554I0TIpsSrrg_oSchQ9Ur0u-_wbCcmQXcWhxhbhbAWtc4jZzZQi_CKC9zncq1LGQcUwL9axz262a7IFC3ZmrL4EA4t71y4-JuKgCDPZXr8dqAhhKp0-6QtxLCk6RCRLgtqzzdWc7XDR57-FLy0jYNNxwj3RSMZsQ6UT-OHg7Pp1F6cAde2ReQ3Zkotf-20gViqUeYDRXsVcuNZwrwXrqY14hjP21GgJb2Ny5dXGjXhYI7ZnY5TIvniioW6H3c0q8qCCHsBKFujy_V-fRJ16ipD5EK8PjSD-cHPphdsVl0vdmmhbb1dVNNaJKmb4HkmL-E6jQ3UV1ETXjWikhCn_jetgYh102dqeSyLD5v8LG1UKRSp6JnAPE3sq8Whgo32iechi9SLvayVlzEupPXSakwhZNZqsKuEylP4A0dbcpTyXfHT5l929_TwS0xZN_tRewYDE2hlLTwAcP4ygsq_o_mP9LWXCMkFdA8mcytySc1sZ39ymW3Yh3j-lriLe2enlfogXZDwZnMfo_d6Uph8_z9Q2HC2rhNoj8RoweIktThVapIcRSpEqq4gStUOkZyYuJ1xks6kOeCrh6hn7-JqZzA-lzdlUqkbNlZUyJZEH3Ao1xu4B6bu3qDj3aGcaYio9EKi1-WfQOu9DAfsgKYFWHVrv7Np_CO78ub5wqEgsX-8F5pCkydYGwL7FA3jFRDIk4r8C8cpfE9CFfOhcvlzv562zPpKyMZUxjUHr7s2FBIz94U_lYd94mYp0Hu1TIUUZMfF9WTTVyCZZzQ3dGLiYPu5lAyc8JEdC1SCq4Z-YDXtjhEA_t8Gz568hYRoDnrUqcet6O6cfbaYn61xvQYJrfBllrc_SU61HJLvWFO8mx-ZybeVPc8FvqrNnq3jJoRzIMB4WDfH3I92nVdycamZsf2O571RHc8N8it7AYIx4Jpc6m0xBJb79ogZ4gpAvcQbcZUA0bbx94YhLLViYe_UoGqxW-8P8fDEPew-GW2Tsq-TXhZ77YPaydn8CGTfiTiho2TweAMH_K24HDRuq-5Mpxl_HnHCc0nSWXWxqMarLKTsrAdf_ECeMVfRV0n5qhIy53cvfLbQLGoyopP7FZjhbfVJahOJHVv4hANTsxNdTQCJYn6Q0St7DJrUunCcbmxKH4FatxsEbV9ni2Bj2ksC1hz4i60krKylvy-NvRJycGtySN8E8BxPgKZ74URctGkVQcAQVo_TCYaZOSdiKKC-jmuTV2wBzJZcM_l_4f3_6qKvrvZNy1TMxOXhTiVXqfq9YsOoI0eOVAUtuj929TDG3B3BsXgtpfCqA1VHS8LmLuN5iOzmeVil_AXwi5FyNtnZax8ysLX6wEsQ9b6s38myOa5WgALlSBdGKiHSxSj_qwqSUvkvg3S2DQl1qRFeAoJhm4P5-Yc7seqhxgpBsC4_gihfKMtams6ucs5o0JQyut1e-Yiyo-7QSrz1gQL0VlQN81tvPf0_butGiHL7DK_PEmlc_b30d8-hpISsxusR46UypCpKeqlqW39kpsqBM4Eqw-JfbYyA7QxQAwjLQau56vs01FO3b8Gvw3q_OhXZ9DARq1LkBc3-moIzqNmH5Qk5FxAGUDzZMZWXGECQSbu6jbIU5kBH1QYWNkoXINoEllbBve-j_MlNtL3O1MlhLvgVaD3v-6qaSNf5JrBzHJfO1-CPrNiIOe3TPebfJ5vqqWgu9XSKd17o7I8DWkUVWMiWCAipjbY8-QtSum6sX0-GFdLzjWPmep3KCVAYQgd1DLE5tbIpdX-bMJprhGCAJOm9Qu1AXZIbUR3YqFIg3_FRhEtPXYCnF3RYrDWHz8ihiT1FMhqW-Ks--mZPLIHWUNKld1W7HCk_BMJ2KwRytL2PZtDFlJVYT9HxHn9uPtapq3inlMaQisgjFNHxewJmVBaBRAQKniVF8dnBs1uIBafYZwSQrbYkguE0hnnoHOjZzu5Rv0Db_3Spxv36R7c0YZStrYof2mER_WmZn7VJ2WkDCry3tJX3XPii162xUu79fZ-w3gDYnUGW89NfNpWEfQqlCEJdMYeF2Kyn4KqDclmvqHyjpAWEQQDAOK5qoZpxi5ddkEYaQH2fhLlJAYs6MLIs0jVBtV4SCLT2iNnGUBP7dho8255gfIgr-TImhCp0CteTGea2VIMnRlriqOli17SKSm-90sf9wV4qVyIp1PtdISdd4LFW9EJznQ7BGhCpaOJ6reQlpYzGgj2fctDn4vJZS4tnIen8X-pl7bnxVnEVwrXQkYRdKB8D-buodRoNVDrja-2OiXnrazNB0K-l9l7zsk2nmy79Kou0WzNYzox7GG4E0-2Fb51MKm7G0tG1av4vgDlXm5T_BZ8GKf8h858C5sGR0GkEIBBI7AC8eF_8pD15tBhiZNJO0VgxiK9huh_nGwwgosNtDb_JBf91tJwlbKUK-GoRCDPc3LbXol_OCk1TKznYYAWAB&cry=1
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 2741 91 KB
92 KB 149ms
149ms Script
application/javascript 2600:9000:26da:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 20:43:31 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 15972420
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: TEy4YFBUC1-_-lXb3CeXP4FwZyAkqgihbDDlrrgTtClDGSPvNfWA4w==

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1629
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

59ms
59ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:30 GMT
expires: Mon, 29 Jan 2024 17:30:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 17:30:30 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CEA6 43 B
215 B 448ms
235ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=14eabd31-13cc-6cae-4b79-a87652180509&tv=%7Bc:2IehYv,pingTime:-3,time:109,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:109,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B104~0%5D,as:%5B104~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18*.1525518-72172419%7C181%7C191%7C1a.1525518-72172425%7C1a1%7C1a2%7C1b11%7C1b12%7C1c%7C1d,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:15%7D&br=c
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CEA6 43 B
215 B 448ms
238ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=14eabd31-13cc-6cae-4b79-a87652180509&tv=%7Bc:2IehYv,pingTime:-6,time:109,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:109,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B105~0%5D,as:%5B105~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18*.1525518-72172419%7C181%7C191%7C1a.1525518-72172425%7C1a1%7C1a2%7C1b11%7C1b12%7C1c%7C1d,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,siq:15%7D&tpiLookup=ao:randomgenerate.io*&br=c
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D81B 41 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:54:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 365773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 11:54:17 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 614E 43 B
216 B 304ms
118ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=6c71c6ca-22c3-7789-a301-ec12c395d789&tv=%7Bc:2IehYU,pingTime:-2,time:190,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1086,beZ:1087,mfA:1090,cmA:1090,inA:1091,inZ:1093,prA:1093,prZ:1096,si:1101,poA:1105,poZ:1131,cmZ:1131,mfZ:1131,loA:1207,loZ:1211,ltA:1277,ltZ:1277%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:190,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B185~0%5D,as:%5B185~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18.1525518-72172419%7C181%7C191%7C1a*.1525518-72172425%7C1a1%7C1b11%7C1b12%7C1c%7C1d,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:15,sinceFw:171,readyFired:false%7D&br=c
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6774 43 B
215 B 422ms
237ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=b7e846e2-d4ab-a3ec-b803-79dc6ca0f9cc&tv=%7Bc:2IehYX,pingTime:-3,time:68,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:15%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:68,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B62~0%5D,as:%5B62~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2M3uCW+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18.1525518-72172419%7C181%7C182%7C19*.1525518-72172419%7C191%7C1a1%7C1a2%7C1b11%7C1b12%7C1c%7C1d,idMap:19*,rmeas:1,rend:0,renddet:IMG.us,siq:16%7D&br=c
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6774 43 B
215 B 298ms
119ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=b7e846e2-d4ab-a3ec-b803-79dc6ca0f9cc&tv=%7Bc:2IehYY,pingTime:-6,time:69,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:69,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B63~0%5D,as:%5B63~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2M3uCW+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18.1525518-72172419%7C181%7C182%7C19*.1525518-72172419%7C191%7C1a1%7C1a2%7C1b11%7C1b12%7C1c%7C1d,idMap:19*,rmeas:1,rend:0,renddet:IMG.us,siq:16%7D&tpiLookup=ao:randomgenerate.io*&br=c
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CEA6 43 B
215 B 412ms
234ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=14eabd31-13cc-6cae-4b79-a87652180509&tv=%7Bc:2IehZ3,pingTime:-2,time:143,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1196,beZ:1197,mfA:1199,cmA:1200,inA:1200,inZ:1203,prA:1203,prZ:1206,si:1210,poA:1215,poZ:1233,cmZ:1233,mfZ:1233,loA:1305,loZ:1308,ltA:1339,ltZ:1339%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:143,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B138~0%5D,as:%5B138~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18*.1525518-72172419%7C181%7C19.1525518-72172419%7C191%7C1a.1525518-72172425%7C1a1%7C1a2%7C1b11%7C1b12%7C1c%7C1d,idMap:18*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:15,sinceFw:124,readyFired:false%7D&br=c
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame D81B
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1525518/72172419/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-CDKo2X86noEY_cVD5D7bODgX0nJKGqWMopmSeUoxdxFxYUUi30Wds...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-CDKo2X86noEY_cVD5D7bODgX0nJKGqWMopmSeUoxdxFxYUUi30Wds4smSU9rNR9XU5z1JYy3zJK9xBJ...

53 KB
21 KB

133ms
132ms

Script
text/javascript

64.233.167.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-CDKo2X86noEY_cVD5D7bODgX0nJKGqWMopmSeUoxdxFxYUUi30Wds4smSU9rNR9XU5z1JYy3zJK9xBJW0GL0LUnRyLxxxh3ZPiDzwcY47wzPFhFhMO3TJ5erKy9TuWe7xTa2zxAHllMEG4CZCYiNAo7R-PSu6yVseEq1tJFKfezo6xOHcTlZLMBkQHI2lt4CRuj8hnEskUAKAmf-A4pPVEG0UW-n-n1Zdmi_ZeZtyka4lkMZVYsfi6WLNv68ypRzzc4HwlZK7AXlL-kPE8oZQ8R3AbNllo1wGgFPIo396X9wDNSHPrb42uAwqh54AHkwl2s4R7XVwPxyVTSPaJ7L4mpUPL5PQRpjQNYEiUjxIMo4U6LaUA8AYsNUT6DEGATBYZdIYIgMHaG2m7hNSYYBEzWwB1AWx3CoP54GUT7xhCIOrJQDMqJHKZ-JXDxX3a7i9yG-uWINVQ8EsTtg4eH6A6ZBzCy0sIHQSz65VZGEKhbdPlWUZU_5PJ8RqsHtJd6jUDGHw_aYyAwEFQG1a1StJok9P5557Xwg08stRAw24-SIRv1voXZ-eHjKsjbCZYxMO_-q_D0Oq6FDvwZHP88sFYovswEiuZABwPN4CCEdB0X4b3tshQVhe7W3zgnGw9H8m5BpAoEYHbUPlRFLEj0q2t91Ciqvv7IGXEWqjDBTXKss5ufVRgs3MhvloLj2ijaZ58GVqF7IRNP8ec1_czeoLombdBVxiF3nWPu09tVfyn20aKIp8fW8u3E4bqqOgsZfzOk4_zmu72lM1vd3pThtSNm-NqhshSLilJntYfE89m3kNFVcdF-AMDTN5a0Ef74EVYEwdd-pvlzd_wOoTwyx56ZS_kcSFcb3UYewBX8bdtBWwCUiYnu4LowWSM-Pc5jOhCguXL7IDBg-sQdm3P9gZZmlJOMul87eWSix9tH31SIbrKeXo9Dkn-nn-MCn5Pw6HXd1yia35rs7BVjgE2WcbYtSvZFgCn_QTOn90CN1jn3abAGfwaqLOZpNZrVe8AbZmsgPdpVLrkVhiFwKUgfcBELb0rnAkgNVVHEPmMSk-mgkQ0cOku2uAIIrIKTYD_FLN9qCq-4fQTkiPDvCnI_e8VwQy5MwebWa2oKHff7bgi43Tf5YcgaXWzH4n-6gBZkBhCy54AZOoH0Mdb2tT3AHGl773VX5A4LUs8sp8Wuaa5JAllwURog_vtdq1sIxcNn1F69IjgKBTK4-f9s80UHgBpUNi04OWw40wkhi2dBddlbc9XbqyS5vJqdJQlcUqg_1JkXum9-zhXCC8jZn8p0gcVFdJLqDi2gvUdIZfrE2pC3fDAXcKTQtoLF1k83qwtT10mXjNb_buN7wExbuHP543UwLCVITznMWbi7SC0qRPxnMknZIRLtE7itKzXXMWESfqc1cOtPG18vT-dhSYalrJoJeWQEf_TI4vtVfB_F6kP38qvh2JjgtprtK0QamUf0hhZPOEmZ-DX3dMI8-ARjTkGb1KZUySPu1sXYoe7MLn9GCF3XDSF3eokY7TIOjqLPLsm07wU1IjLoxqdvjMnXd78pYR191RneaLHESyYnkB-i-Mf_OaSfNA8eFDjDjIHrQPos1OfFuKLoaADfgpEf1SbyFeuXIf1I50pnROhzBmEI5Kou0WPvxmofYKURNwKYIjnjL9e_MWnVx68tft0-ystnH9zkkZKwdikQARmPNm9j5MFU85jP1U8Ihqi3GSvnbwkx2mUFgPPRehtljLn_n28kgA8DaC55amBaw-KbxVe98ldwjhCiy3HIjZ_Ll3GAxp0znU6IDFZdYM7wccXq6xS20djpWICnyBf_lFNQdGd9ghY0GX-LHJfuVmBA2BbmlbXl0_nyNBsktOvD_ISyK_DbNDPupMZlq0bJWIDpEQfEZ8Xw5y7fS61U8A1YabsXCqDtH0XlrLqq58uTZwE-zmXiY69Ay2g-Upkyk26vVAzR5e2YfJOgENJlKgLos1dJiulehw23WdQVNZrDgLAHNTx2dFDtnohsIIwB1nvcT5xPMtvk3qMgvze_t6Xjok542ubdwyfSmylxHJDO5gt355n71Zb3kmmZyZddmM8JBIbd3NlfXBtk1ypQ7gch1epVPZqkUZelLEswOyOJEx8d0zh5Y4FYNkb3-DKnD3LUK2oAvXawx4hOpiEfVN8cxyzw_taJSsp5enZR2OZ8OagtgojwXoRDcy0JHmEBq20OyxpyZGUvaMSLW1xzpXuQrvxE_vmPoYL27-Ds5Jj5E6bmbgyjS_7XIJFxBwXuCRkek6QbMv4DgSL3z0GucWRrD2IvxbZexPE9GcnVM_MR0X86UHnpGkL3h-dYsPPQ5bYJELkZrhImnKCuDk71bhnN5HJok2_xSymVJdCfRXPaMBT-qBAqrm_4fGhsexaJjv2IKoIQv5wDQpQMa9iTNhswVYknrxXeRQK_A7cDRQiE7-OhvL0LnSSbJt6U0rIaI6TU09E5TDPIyuQnKPor4KOlj-sUSVIzVJ6ScmWYlfdpV2VXlaXxDJUQBtY2_REp4jAER4dMfr2DEREjMMmrD51sfg_09Ckm5978ueKWRSZlWyJJxOlpnvsAd8_26gofChyVkd5pfKF4whAmMUoG2JlQbyNnmRKPCcgXgZq6e8nOYUMvttACgPhHv8QZ31R6BrS8sfae7e9VS1851oVTM1q5ifPXw0rPEeHDcSb52o-HCHiJdTAr5HmLecs2iOUAi3yW6GsPUjkZ9HRUv0xxGV3CAaQlhD9Wy5hop_p9JKmA_bUdbveyzAYPBjQdsrJ_L0VvJcOMT2vybQWuD_qhh_lgQfeci_RhhoSpDGZ6BAKjzAWzz_ojSSekkjeHbN1r32NTcFoC6WPoISWBj-scLimjXJ5fNInfnsSaMYvJbMYWuxdGov3xRZdMIr3-DT0Bp8tFdqpZYyk3X7uZpk_Bb5gc5lpuI5-LIgOa-QzSISnLEHDNoNew1p0Pdco06V-9uQ80R6veA4-ZLrS6XVud1UTw2wJko4IHd9esj6voAdyqKEqwKr3x8XLel7iuQWIAUVsZ0O96uh21Shw82ynSwaNm7kPMlmpbc-_KAhDi0opOrTGeD4hqvpoTo7JZQB6Dh7MDCoRv7VP5piLGfqxKAw1IEGUUlUni225CG2ckvocQVcAfRwVmAI-FOkC_GjhrU5FjFgWnmJOWYBe_2fh9dushQ7CBXkkONFcSvaN98wqzK_NDt4ZNQIK_s-DkG-x9RxV-gzYyuam3ImtFtlq14NdP_i18oaRydhPBcX3xbtPAXATdggiegpq43ZeWpuSppHCGgPN804xSdYhZXgWD4LiNnxTbxXPSW68TW96xXgOxfZU_XARavBqmC4zmeAAY9mBk3JlHp3GbksLmXE0LxSEjMG_Hm_8SUV-djiuhSjDIMl9lS1M3CKZDmX_7P9ONZXXGNUJViJf0XrALTAGQJpbhxNUqKoSJ3Ejc24uBMklX4OR7WLZt90JCY70zmtXV7-ZGs_ff_6LsMrNHi4kL2QmhJl1UGLgWZ9QcYB33THLF-r1ZnUlORJ0rkgutfND6MRVHXoM4rSzkuIr23nW3XAw6F28rzCJzH_Vq4Fr-2VB7FLFgxvaWeICOnb5-m0JJoMJPdpkubt4bQFAE6NL1xshveR7bnRJTOyAEZbfg0XMXgEQ3aFoicKL3SJ0qF-9mCE8NGPtagsBcVTmP8vwIdCyYO922VgaQQgEEjsALx4X_9Xn435f_tEqxLqzlQjQ8ZzYZ_KGPS8obIgm-75V0Z7FKOr1w3xodVCexMTEdVrqi0fAW9Bg2hgBYAE&cry=1

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

64.233.167.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f154.1e100.net

Software

cafe /

Resource Hash

42905a167ab0a736cb122795ff5bf4b6da102b7caa4ea2721decaa40defda687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21321
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: app10.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNXg07rd0i9bADXSKnt5cKzEA1Gx_0xYk9HuxofPCyZCKsAmUYM&d=CpkBAKAmf-CDKo2X86noEY_cVD5D7bODgX0nJKGqWMopmSeUoxdxFxYUUi30Wds4smSU9rNR9XU5z1JYy3zJK9xBJW0GL0LUnRyLxxxh3ZPiDzwcY47wzPFhFhMO3TJ5erKy9TuWe7xTa2zxAHllMEG4CZCYiNAo7R-PSu6yVseEq1tJFKfezo6xOHcTlZLMBkQHI2lt4CRuj8hnEskUAKAmf-A4pPVEG0UW-n-n1Zdmi_ZeZtyka4lkMZVYsfi6WLNv68ypRzzc4HwlZK7AXlL-kPE8oZQ8R3AbNllo1wGgFPIo396X9wDNSHPrb42uAwqh54AHkwl2s4R7XVwPxyVTSPaJ7L4mpUPL5PQRpjQNYEiUjxIMo4U6LaUA8AYsNUT6DEGATBYZdIYIgMHaG2m7hNSYYBEzWwB1AWx3CoP54GUT7xhCIOrJQDMqJHKZ-JXDxX3a7i9yG-uWINVQ8EsTtg4eH6A6ZBzCy0sIHQSz65VZGEKhbdPlWUZU_5PJ8RqsHtJd6jUDGHw_aYyAwEFQG1a1StJok9P5557Xwg08stRAw24-SIRv1voXZ-eHjKsjbCZYxMO_-q_D0Oq6FDvwZHP88sFYovswEiuZABwPN4CCEdB0X4b3tshQVhe7W3zgnGw9H8m5BpAoEYHbUPlRFLEj0q2t91Ciqvv7IGXEWqjDBTXKss5ufVRgs3MhvloLj2ijaZ58GVqF7IRNP8ec1_czeoLombdBVxiF3nWPu09tVfyn20aKIp8fW8u3E4bqqOgsZfzOk4_zmu72lM1vd3pThtSNm-NqhshSLilJntYfE89m3kNFVcdF-AMDTN5a0Ef74EVYEwdd-pvlzd_wOoTwyx56ZS_kcSFcb3UYewBX8bdtBWwCUiYnu4LowWSM-Pc5jOhCguXL7IDBg-sQdm3P9gZZmlJOMul87eWSix9tH31SIbrKeXo9Dkn-nn-MCn5Pw6HXd1yia35rs7BVjgE2WcbYtSvZFgCn_QTOn90CN1jn3abAGfwaqLOZpNZrVe8AbZmsgPdpVLrkVhiFwKUgfcBELb0rnAkgNVVHEPmMSk-mgkQ0cOku2uAIIrIKTYD_FLN9qCq-4fQTkiPDvCnI_e8VwQy5MwebWa2oKHff7bgi43Tf5YcgaXWzH4n-6gBZkBhCy54AZOoH0Mdb2tT3AHGl773VX5A4LUs8sp8Wuaa5JAllwURog_vtdq1sIxcNn1F69IjgKBTK4-f9s80UHgBpUNi04OWw40wkhi2dBddlbc9XbqyS5vJqdJQlcUqg_1JkXum9-zhXCC8jZn8p0gcVFdJLqDi2gvUdIZfrE2pC3fDAXcKTQtoLF1k83qwtT10mXjNb_buN7wExbuHP543UwLCVITznMWbi7SC0qRPxnMknZIRLtE7itKzXXMWESfqc1cOtPG18vT-dhSYalrJoJeWQEf_TI4vtVfB_F6kP38qvh2JjgtprtK0QamUf0hhZPOEmZ-DX3dMI8-ARjTkGb1KZUySPu1sXYoe7MLn9GCF3XDSF3eokY7TIOjqLPLsm07wU1IjLoxqdvjMnXd78pYR191RneaLHESyYnkB-i-Mf_OaSfNA8eFDjDjIHrQPos1OfFuKLoaADfgpEf1SbyFeuXIf1I50pnROhzBmEI5Kou0WPvxmofYKURNwKYIjnjL9e_MWnVx68tft0-ystnH9zkkZKwdikQARmPNm9j5MFU85jP1U8Ihqi3GSvnbwkx2mUFgPPRehtljLn_n28kgA8DaC55amBaw-KbxVe98ldwjhCiy3HIjZ_Ll3GAxp0znU6IDFZdYM7wccXq6xS20djpWICnyBf_lFNQdGd9ghY0GX-LHJfuVmBA2BbmlbXl0_nyNBsktOvD_ISyK_DbNDPupMZlq0bJWIDpEQfEZ8Xw5y7fS61U8A1YabsXCqDtH0XlrLqq58uTZwE-zmXiY69Ay2g-Upkyk26vVAzR5e2YfJOgENJlKgLos1dJiulehw23WdQVNZrDgLAHNTx2dFDtnohsIIwB1nvcT5xPMtvk3qMgvze_t6Xjok542ubdwyfSmylxHJDO5gt355n71Zb3kmmZyZddmM8JBIbd3NlfXBtk1ypQ7gch1epVPZqkUZelLEswOyOJEx8d0zh5Y4FYNkb3-DKnD3LUK2oAvXawx4hOpiEfVN8cxyzw_taJSsp5enZR2OZ8OagtgojwXoRDcy0JHmEBq20OyxpyZGUvaMSLW1xzpXuQrvxE_vmPoYL27-Ds5Jj5E6bmbgyjS_7XIJFxBwXuCRkek6QbMv4DgSL3z0GucWRrD2IvxbZexPE9GcnVM_MR0X86UHnpGkL3h-dYsPPQ5bYJELkZrhImnKCuDk71bhnN5HJok2_xSymVJdCfRXPaMBT-qBAqrm_4fGhsexaJjv2IKoIQv5wDQpQMa9iTNhswVYknrxXeRQK_A7cDRQiE7-OhvL0LnSSbJt6U0rIaI6TU09E5TDPIyuQnKPor4KOlj-sUSVIzVJ6ScmWYlfdpV2VXlaXxDJUQBtY2_REp4jAER4dMfr2DEREjMMmrD51sfg_09Ckm5978ueKWRSZlWyJJxOlpnvsAd8_26gofChyVkd5pfKF4whAmMUoG2JlQbyNnmRKPCcgXgZq6e8nOYUMvttACgPhHv8QZ31R6BrS8sfae7e9VS1851oVTM1q5ifPXw0rPEeHDcSb52o-HCHiJdTAr5HmLecs2iOUAi3yW6GsPUjkZ9HRUv0xxGV3CAaQlhD9Wy5hop_p9JKmA_bUdbveyzAYPBjQdsrJ_L0VvJcOMT2vybQWuD_qhh_lgQfeci_RhhoSpDGZ6BAKjzAWzz_ojSSekkjeHbN1r32NTcFoC6WPoISWBj-scLimjXJ5fNInfnsSaMYvJbMYWuxdGov3xRZdMIr3-DT0Bp8tFdqpZYyk3X7uZpk_Bb5gc5lpuI5-LIgOa-QzSISnLEHDNoNew1p0Pdco06V-9uQ80R6veA4-ZLrS6XVud1UTw2wJko4IHd9esj6voAdyqKEqwKr3x8XLel7iuQWIAUVsZ0O96uh21Shw82ynSwaNm7kPMlmpbc-_KAhDi0opOrTGeD4hqvpoTo7JZQB6Dh7MDCoRv7VP5piLGfqxKAw1IEGUUlUni225CG2ckvocQVcAfRwVmAI-FOkC_GjhrU5FjFgWnmJOWYBe_2fh9dushQ7CBXkkONFcSvaN98wqzK_NDt4ZNQIK_s-DkG-x9RxV-gzYyuam3ImtFtlq14NdP_i18oaRydhPBcX3xbtPAXATdggiegpq43ZeWpuSppHCGgPN804xSdYhZXgWD4LiNnxTbxXPSW68TW96xXgOxfZU_XARavBqmC4zmeAAY9mBk3JlHp3GbksLmXE0LxSEjMG_Hm_8SUV-djiuhSjDIMl9lS1M3CKZDmX_7P9ONZXXGNUJViJf0XrALTAGQJpbhxNUqKoSJ3Ejc24uBMklX4OR7WLZt90JCY70zmtXV7-ZGs_ff_6LsMrNHi4kL2QmhJl1UGLgWZ9QcYB33THLF-r1ZnUlORJ0rkgutfND6MRVHXoM4rSzkuIr23nW3XAw6F28rzCJzH_Vq4Fr-2VB7FLFgxvaWeICOnb5-m0JJoMJPdpkubt4bQFAE6NL1xshveR7bnRJTOyAEZbfg0XMXgEQ3aFoicKL3SJ0qF-9mCE8NGPtagsBcVTmP8vwIdCyYO922VgaQQgEEjsALx4X_9Xn435f_tEqxLqzlQjQ8ZzYZ_KGPS8obIgm-75V0Z7FKOr1w3xodVCexMTEdVrqi0fAW9Bg2hgBYAE&cry=1
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 9588 91 KB
92 KB 83ms
83ms Script
application/javascript 2600:9000:26da:1600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 20:43:31 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 b25ea630a0bc5820a6901f77047718fe.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 15972420
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 93606
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: "1f3488247c90bb5de253d3d0cb3b7458"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 1UVRlaTwZAF97pT86cRMUCdAJ7rmO367uTOGV3ubi4doY7SFmW_KUg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6774 43 B
215 B 376ms
236ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=b7e846e2-d4ab-a3ec-b803-79dc6ca0f9cc&tv=%7Bc:2IehZG,pingTime:-2,time:113,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1239,beZ:1240,mfA:1242,cmA:1243,inA:1243,inZ:1246,prA:1246,prZ:1250,si:1254,poA:1259,poZ:1275,cmZ:1275,mfZ:1275,loA:1307,loZ:1312,ltA:1351,ltZ:1351%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:15%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:113,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B107~0%5D,as:%5B107~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C171%7C18.1525518-72172419%7C181%7C182%7C19*.1525518-72172419%7C191%7C1a.1525518-72172425%7C1a1%7C1a2%7C1b11%7C1b12%7C1c%7C1d,idMap:19*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:16,sinceFw:93,readyFired:false%7D&br=c
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 40B6 38 KB
13 KB 113ms
113ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 365773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:54:17 GMT
expires: Fri, 24 Jan 2025 11:54:17 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame DC36 38 KB
13 KB 90ms
90ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 365773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:54:17 GMT
expires: Fri, 24 Jan 2025 11:54:17 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E805 38 KB
13 KB 88ms
87ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 365773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:54:17 GMT
expires: Fri, 24 Jan 2025 11:54:17 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D81B 43 B
215 B 353ms
232ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=6407d2df-5356-9d3d-318c-b2021426d899&tv=%7Bc:2IehZY,pingTime:-3,time:55,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:56,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2M3uFh+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525518-72172419%7C171%7C181%7C182%7C191%7C192%7C1a1%7C1a2%7C1b11%7C1b12%7C1c1%7C1d,idMap:17*,rmeas:1,rend:0,renddet:IMG.us,siq:13%7D&br=c
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D81B 43 B
215 B 357ms
239ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=6407d2df-5356-9d3d-318c-b2021426d899&tv=%7Bc:2IehZZ,pingTime:-6,time:56,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:56,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2M3uFh+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525518-72172419%7C171%7C181%7C182%7C191%7C192%7C1a1%7C1a2%7C1b11%7C1b12%7C1c1%7C1d,idMap:17*,rmeas:1,rend:0,renddet:IMG.us,siq:13%7D&tpiLookup=ao:randomgenerate.io*&br=c
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D81B 43 B
215 B 232ms
121ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=6407d2df-5356-9d3d-318c-b2021426d899&tv=%7Bc:2Iei08,pingTime:-2,time:65,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1379,beZ:1380,mfA:1382,cmA:1382,inA:1382,inZ:1384,prA:1384,prZ:1387,si:1391,poA:1396,poZ:1410,cmZ:1410,mfZ:1410,loA:1435,loZ:1438,ltA:1443,ltZ:1443%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:65,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525518-72172419%7C171%7C18.1525518-72172419%7C181%7C182%7C19.1525518-72172419%7C191%7C192%7C1a.1525518-72172425%7C1a1%7C1a2%7C1b11%7C1b12%7C1c1%7C1d,idMap:17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:13,sinceFw:47,readyFired:false%7D&br=c
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 18F9 38 KB
13 KB 70ms
68ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 365773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:54:17 GMT
expires: Fri, 24 Jan 2025 11:54:17 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js Show response
pagead2.googlesyndication.com/bg/ Frame 33AA 50 KB
19 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js

Requested by

Host: randomgenerate.io
URL: https://randomgenerate.io/cpf-generator

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 15:55:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19599
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 15:55:44 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6F96 0
10 B 63ms
62ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Z_f8eQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame DC36 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame E805 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 18F9 39 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 40B6 39 KB
15 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 09:45:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Jan 2025 09:45:49 GMT

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/24651/ Frame CEA6 7 KB
7 KB 369ms
118ms Script
text/javascript 54.161.150.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvHRqi15uJToMQptAxLJ5AMy33X6dgTXo2J2yDD_w4uvim_O3EBBRFEzLL4CqkR0PKIe9nAkZiKrY9e5NuDcXBJOcEIneCtNWntGjy6xb8XF6tNNeA22LV3XiUN7MDbB1YPnovRuZX4nFTtZ_9va-ct1PXC9loI17ZIUaStbIRhH4OUZHNLQerd10wKMmPHNx1Yr_MoXhpGyWDVJsH-T-r3KRGVMQ4aY4wx7LTJxIUW7cVuLQayoAWo7TFzHg4N8TQV5V4wFPIc0cQN0-tsRyzMwqkZ8RzobIsoL-SkFwshM2saXoC9ZEmhm7a5KdiSYRsWbgSeCVbqbljVolJH0kv2Da3zVYCIUhLxNbL2QFW9ylsgyT-UVzCB8h54iRE04fMhPqfWZSiotLNTg7YVuGhSGDzCIsz0Q5gkUA4o6HM5rEyk5LTlyrOVk4pN0cjaVCr4b6ddEZVqTA3RM0vDszErsEyQGPLaMiRxBhavoXalgV2cw1DBf0PaWzK0EsA9q_FB9NLSfFTEGzdIKhFG9CXEqtmOw2316WsJRkR11jcInpu6v0pjlpYRizjsIZGGYRvJ_DVbEjxd0EJJwsdV4DVIEtaEQ1L7IGMoL2YNyWCt5yVtNWI4-IrO9tqwjV4o8Tg1KLEL1MdAPitrUMZjszT9Nja9h11-PYxZjviuT4zasPegH1OLetHdoLCje8Zmz9l_cWPQaETx6TQjkez-BQMRzx2GMRpndPx9qn2-9CyVFiu3y0CfHc8j69HO5_DsntsppdRe8EvcDgssFbPVwg2gDThJuzKX60wSbCB-pCQmNzebQe2ucYIvIyHoC8pYiK6lbPdGHfqMrweRGU1oQKS-2x3lgmEf1so1p1rBfucC3Q1i4so01tc10oMx6FXdeBpr_uKYU_w7T3KO-bgeF82XBd1BaViSdtVMiVkJDNdkLIWSr6LX56BrzGZJuRumlNMMSY3eaTDVy1kTCJ-qQ-qo3LJqnmxq7_Vyo--wa1nPyDLjSUAvgCDMn_MeJclyggj63QXlD5uvFvhb-rjNxN94uNnuDlfZvyLToxj1v382gbtMTTF8J-pJwR8FRxI1p03bWcxV6ir3e6N4nQuZ6wn7JEpZcejfhz1fmgGJrUUAg0URGTh3J6BR0R7-f9fBPmcOuar79AU3fCtawdQIUZNL5aLsgfpvb0BB-8DFdAnbp5Sz0EQsavgtr6R5yerHJUqupc7xM-r0xR_OtO4uBVZNYcwI5QhSdjkE3kD9s3XpH7P-AGAQXrfUPYNnDl8xOf0t3EShmpS9YWiWfYamh6P1Vxq0B37-LYxrXxdVEdEkYFOtzM-mY1dlfByPL6D1Evb6oxkfiFlGfkM3hdBTYH8lGg&sai=AMfl-YStlBd-Smx4ALLXIIotTzjHdgxnlp_ZZS_3ZQ8dgPu9jf-QE21zva90yx8HFdQoNQnBcniZnHiH2JGtsTuZb1lOZk1a2_W7oaOQUPKPGhrPeZoT_dGgQ_-08qVUpLxMahWzUGFGaFiTh3zPhUohz3F6geKvxHljYQuvCtlMZ2fnYx3aRSEi57QE88Xe22snO1Z54i_Iga9BN7hhkcAhEFuoFKbgvW1eF727NC9CMG0cUjPBfCuBtqoRFOZXLxpr4K5z5thS35Xw0sc&sig=Cg0ArKJSzF8bJaWVb8OOEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30110444&DFA_PlacementId=369668928&DFA_AdId=560448615&DFA_CreativeId=168150841&DFA_SiteId=6958819&TC_1=cmmfbeajaux&TC_2=30110444&TC_3=369668928&TC_4=168150841&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560448615$dcmrenderingid|168075220$dcmsiteid|6958819$dcmplacementid|369668928$customer|Microsoft$dv360auctionid|ct=DE&st=&city=5722&dma=0&zp=28329&bw=4&DCM_PlacementID=369668928
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.150.198 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-150-198.compute-1.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: 997cbfac75012b65702e6aa72cfb47da6b70a37c8daba910c5f3659f8e1861d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: AMO-jAds/1.1
p3p: NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 6714
expires: Mon Jan 29 17:30:30 UTC 2024

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame CEA6 31 KB
12 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 03:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
server: cafe
etag: 11828260617052087593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 03:29:33 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame CEA6 12 KB
4 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 03:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 03:29:33 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CEA6 0
0 209ms
73ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulythv-zmQ5-xTIBwfKIG9UO_fqWqUici5hSiBdo8UA4QNFxed6jPac6LuHlC3h9tZACIDzKS8OPUT2XMPSbDRFaPsE-iqouAD0IchKXzNqBRxvHd5DmKabU5_mRhpYX9rJN4Iyrtj9ML9drJ1_nztEPATonv5WJWvFgeWEhRDEOnC0RdqCZmc&sai=AMfl-YQy5ZLApX_MdSy3ZDlNreSAVA3-6QrH_tnB_XeKOodPdp6KHrn5Z5RnofeCcYpT_6NYOT1gCZrzw6U9p45cuLFtBWp3jmgphQ2FYoYgF0xCYuuJvGcsyT7YDF3Q3Q&sig=Cg0ArKJSzHnr6jOBHBMCEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240122.97295&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/24653/ Frame 614E 7 KB
7 KB 439ms
232ms Script
text/javascript 54.161.150.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/24653/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjst4_7BA-nu2-Vu9M5Hz5yRe7rSg4DIzCdrXHDiBWOBmqbAFzKWiKgQnfkTjr0nuS82qBCZC1Y9OyFjmY_BLPBfAZvi_NndQQar5O4vX_BlinNkw22mTyixkXoOPz8ZoFlH8CveLAXReQih0MjasoPEoB-rfT4pOMgAzNIRas-qvGNjiFn_auM_5XLGJaxf7mLDaQBBcd0FO4zQKGJapTPFZ4NYr2Sub2TVpwSU3MV9sEakgCVgzb0SLoBEdta51FXkjgCm-2QdfC1rHRu48SwjMZhvRS7GXEYs-w_0mek2vCE54DknG6WSGVXzmniyvROfYjYvTbkTTZEiWLxprbqZUmByAPHUaAmYaP0RpYjcqOAQUdQlSeE-ijsyW_dGbhz-_sDvlpecSYcZCajSyTcUunSgAFdpZiPJSuG_Yt_g3lRWp9GxLfR6swxOcKkX2VAfMYJfIg7qcX6RQEg5JukOnvwhfdjAlkzzM1xTls-wkEGjCdOPs_gZOfAmdd2I5-p60xcWqHTl-Vd9hgIo3eo-MymRfu8uW-OKX6PsyeiJwF92D14UYqtWTO3_UQW-_NhjD9UEfMUhX65M993ZFoNHsUqbRIyeRil5zDUpyr7CiOTuYBswh2d9wvubV0U5fohyOrf0vTtK1dyO3LH9TUuQLCYyQh5vWc9HBogH5Dyn4UWkl5flwAFaRIAJ3v-zcw5gFqJJR_sboj0eW--LXUzok39yzirucEHjlBIKe57w68F_-ZEJEbWCV8XtZBDweZpG-q0sZlII1kYPjqHS8g03jD95M-4xntnJreSxPLUQZ7PZJT53W8ySL12-531__t5SxwHtLPDK9q4f1pfhPpy-ArPKH7GIH281IReNopVS1Haa7QD9igZV_K9-not6KPZs6bU8Rt36vfX8ZxIu55CNz1n10QLai1qCC8V9mJpMkoyfvNgh4KqHbC96ij11VTxDx2cRGupCzezclg-g__FHl_Yb-zujCBtvYuZVsDTXxjvZJnKZW7M09HcTzzt3ddf-Www1OOSE9jJUyEoyN1YoTJehPdaCJWOmOgBC1Y0ynkU2lZEm7uKChvMLK4U-Qj56WNg0kXYrrJANC8A6_oJTpPhmraTZwKXRhLqKJ-WEO8hGKfv1KKC2G0N7ZsuY6jx8qiP7_fPK0v-bt5r7vduom8lvPvdPuVBFGlBWIanq1OXmPTWUfn5wuLVBMA4rUtkgJ0_DMLSNxX7ezuGjOlayKfDU7MOBtDP8vVgakBwnZfQhtqZZHRdox6tUcJMES-c5--CeuJlxdF5MCxjTK2LAdbfMOeiwTIcnE-am1buHH-OBuCBVq_8DbRJDnvXhNrzPEAApTn7rKgIlbBrBvMnND3zz0SQ&sai=AMfl-YRXxb5YYlepqNX_SfGFA5ESeDpab6MFC1rZS-s6oTdLt32o2L5fou2kVokhLajBZnA2l3pEX1p8dj46J_hlTyxEgJRnf2ZJr4as1U5k224HlSjVddL5TurBp5f6JrL7BmWDUJVSBwE1c4j1f_AYH3n7WUL4JZmgNu4NBzJN7Whx1OXtionLPEO5NvGKwJoYHfRAHllptAC2yuOWY4BCIVV_ys_TshJqem8uu4fpuTQLTAgH7dFrTFOn2pCR0658_Far0B1GyuhhDT0&sig=Cg0ArKJSzOdEDR34mQ9TEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30110444&DFA_PlacementId=369669180&DFA_AdId=560533384&DFA_CreativeId=168149131&DFA_SiteId=6958819&TC_1=cmmfbeajaux&TC_2=30110444&TC_3=369669180&TC_4=168149131&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560533384$dcmrenderingid|168595328$dcmsiteid|6958819$dcmplacementid|369669180$customer|Microsoft$dv360auctionid|ct=DE&st=&city=5722&dma=0&zp=28329&bw=4&DCM_PlacementID=369669180
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.150.198 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-150-198.compute-1.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: b4f3d8951925006529c170094cee71330cb7b4a8e0799677665730d8c5d65dcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: AMO-jAds/1.1
p3p: NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 6718
expires: Mon Jan 29 17:30:30 UTC 2024

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 614E 31 KB
12 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 03:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
server: cafe
etag: 11828260617052087593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 03:29:33 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 614E 12 KB
4 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 03:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 03:29:33 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 614E 0
0 163ms
76ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsswQzanAk0BVhNElsRUdJSWPSHtFZTABh9TZzW8VNfGBaIwdo3dRYUZkjmkiustyEMSwu0-2lKnFQv6RgBX6q4nfzfdsgVpbaNCw9kZdkJEHUXd2u3uHPe-oORaQzDXrcHO4-UaYXiz49sB1X-0ef2V_iuFZZcndRGDBuuUCkxXss1uh4YpjBBn&sai=AMfl-YRLcIJxhhAr5Brr_0JI5x_HXjglOJPQglIx-utgeUtQWlR4UJCjKuVHYa_l_U6acfS1lll6xJwF30V9_bIpdh_BBYOUTKVFQR--EjozR5xzzwrHXTLkc79clT4H6A&sig=Cg0ArKJSzMiLAmvC6OeXEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240122.63394&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 2A3E 16 KB
6 KB 47ms
45ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=53037
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 29 Jan 2024 17:30:30 GMT
expires: Tue, 30 Jan 2024 08:14:27 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-all.html Show response
adxbid.info/ Frame B2D2 7 KB
3 KB 484ms
228ms Document
text/html 2606:4700:3035::6815:30d7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:30d7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84d33416cbef5992-IAD
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 29 Jan 2024 17:30:30 GMT
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6CKlF5r9A2kMy1RxYABqyqfOrxrlVQf87%2Fad6mV0VzjC45HhoLA4hq0WntQAxQJIUozQ2PnviP7W3%2BkUnJFX0J052Ww8bbxRSsByi6ihvJJoqYELV27hGwOinfiLo7tXooqX5UWJomGOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D8CA 281 B
555 B 132ms
39ms Document
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 17:30:30 GMT
ETag: "280524-119-60b38417c4040"
Last-Modified: Tue, 28 Nov 2023 15:41:45 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 204 isyn
prebid.a-mo.net/ Frame 8CF0 0
0 45ms
44ms Document
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Mon, 29 Jan 2024 17:30:30 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 1

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 78D5 37 B
139 B 43ms
42ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://randomgenerate.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Mon, 29 Jan 2024 17:30:30 GMT

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/24651/ Frame D81B 7 KB
7 KB 352ms
233ms Script
text/javascript 54.161.150.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsu0cxk97opyjAxax4M_oUut9LyDpvX9sxs9IQaYWFS-DUppLpWKdqB4cCIum4caaCeiRfquWaGaG-ujz0Qyn_Z_d0Yb9AKj_GlqqFOKSlad5KFWARpCIjKXXfJsIuWt6TOt-0vYTwNzE34HSvRVkuawm1tBSzuWUimXWLYTaHHa8lpppNMGKaBkVbxhklYMBOxJAB26eX4Z940-B47ShcYxMnFUHfgpnn5jVAFPkDhMn7bM2MzPRG3P9F6tmpQhPWxkOxTYzdOgqxQPw5fJQk_n_XPtkAgUtqL5EtZjGsqMrq_37jsGVtcy6xXrKNrHlUZe4DCJfUpCnOcpch9aDNzuUxdq0slLk2Tfe8VWDxiUtF5r5VeRqJWaLL4-KN9egX6ID29iiGJ3PGt_UHLnp2q7d7KER3GgXlSDXOT3Xeps1la0k6b3pBHdJx7xXPPxUcNQg5i2F7yAi6BnXNOFeDvbIp3DkWveA_5PBlTbAK_FkPbkuUqj0NjP1idXnS22-MfYRm_Gc1N2DWjcSuDz6XHdDjm31BjimIRZjUHaendhcZ_l6zEQqMfODl_3q5hBcYYUkrhHXSVsDcWaxFiOlZ8ErmDBMahlhoL7XdCXoBRBSg6aekZboWYqE1enqxYX8PfN0bklJCheZKiSw9giZrXhvxhYH2veFjj2hoLXRdM53B_r7EVrw3yztCOI_S0zmVY27v-xrM5-iuzSC4s64mmngVEHeZkPcNx3ZIkusRntA9JHckUEPpm8EWup1hOuRnHkmgHZrj5rmheZEqTvQLigWBN9j7VMve_Ax3BPDp5BMGwHcoUp9_OOOFzLgrohmmEJp2_w5gpZN457-fv8c5NMgoJe2exXR2q_AHLzobAJ5eGDb6RFXL3ztWQi5nG3_n6uS9b-V5X-W-22Q3UV13rq9xho-9G93h5Mial3q516rISLfQ4-ogz45s4MQ9SMuw534Ik4YL9sWKs8Y1AecQtG32ZqA9AMH5AupjWhHMMQqzJUmpcg2WWH7Y6KmH4HgkUUc_ELciTCQAdlnTXOlSoCu5VaooZKr4x5JeKdSupkMg06NZVG6nzVKrU2Zf6P-kuHp9ix5Z7QMpnJJuvVdV4Vn2Rw18tP2vAIQsP1MSFxmAXAlL2iLMa2YHsVvuRmXDKkbm-78hlhRGxI25jQwvrUZxuv7WEekTh1cLItbZE09uICauIatP4-oAUnpeL4-lw4Qd3tuXH2hs1wh1Gsp5TVvmXL5I4H0oycPXmgGnQN7ARdERpZH5ssSY0i8hbPYs6iFJp5Aw4iMaz-_6LGm2Fnjw8wIgRYDc4oSn6B8clFiVdI3tCP1fkPZWAuRPSgTHRBANE4ybt-a6Ddy0y36zkr7g&sai=AMfl-YSTxDNwpdMkhFOusu4lloAQ3hCQT7O6CUBk7t-76UVqKb9OuOy4TS0q7HtkYKoTD9OzcKCR-IRlZwRrZ6RLRieZ0ifLSgmVuui6WU71ENwHhgzdtGv7NSH1ZU1wVaCQnnhnjPF8bpq2xwxIglLrmjZVx8pdxnJbEQ4Uygb4LRnRaF6m31e9wOXt90QHlj1VHJlw4j1H848Af3ytoKpXheHEn1vf3X7ZizrsPUmu9QsNJe_bVBScRFd4yZ18ZCFmN8JNAZB2JFvcSK4&sig=Cg0ArKJSzBU3qy-oH-ytEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30110444&DFA_PlacementId=369668928&DFA_AdId=560448615&DFA_CreativeId=168150841&DFA_SiteId=6958819&TC_1=cmmfbeajaux&TC_2=30110444&TC_3=369668928&TC_4=168150841&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560448615$dcmrenderingid|168075220$dcmsiteid|6958819$dcmplacementid|369668928$customer|Microsoft$dv360auctionid|ct=DE&st=&city=5722&dma=0&zp=28329&bw=4&DCM_PlacementID=369668928
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.150.198 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-150-198.compute-1.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: b5cfd910512254312133fa2ecaeb46e5e05af0ee567e2152fa6df6447acf79bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: AMO-jAds/1.1
p3p: NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 6714
expires: Mon Jan 29 17:30:30 UTC 2024

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame D81B 31 KB
12 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 03:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
server: cafe
etag: 11828260617052087593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 03:29:33 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame D81B 12 KB
4 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 03:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 03:29:33 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D81B 0
0 80ms
77ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss14_h4IKrU67hibsSa13OEyf6LiWAWNOFIM-VNTIAodhwplAlcxk2U6kvCMLKze1HebnrSDgX29QsXijfpAqfrJtuepet8lRXTJY-3abu6hdQkycHBOPdhGsjY4ERLfyic31_ZMMO3AJp8wsO5KfZht3GXjWxl6ZibmCIKviAKZREUNzGRpKu6&sai=AMfl-YSczXWUSt03MlisrPqzRrTqnB9ynY8mMCLZlBQI1yD8wiwD4sx5AzWBEYTVdyaFRpfl-BblChv_2Ja20exlF74MMCw5ITCSouFL6PGXzUfBNU4Ac-U8Kuy_d8Cd_w&sig=Cg0ArKJSzGcdUlbVA7LpEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240122.03845&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/24651/ Frame 6774 7 KB
7 KB 331ms
234ms Script
text/javascript 54.161.150.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjstb3-3ZySd5kX1SkUDIvtw7gL9h2MvdLRiYF0tj7MW3YkSiyjZqEe1eRPGYBWssT1Omx3N_gtIlnFrQv3vgCsxdYxzk2QTja4TFW3Cww0mW1BFmGYWW9mXKA_LbO91zQKZcB5bFis5qy568SkdiTTqQUKmfq4n46hwQ45CsutVzdqojnsHw5fs_RTVWFndXHD_Pi3vZgMnXgSKkx7XrF4VMAE3XG6z5f3iBEiiqZB1sQ6KogXwBM5Ou92yo7y6krRZ7LDxI17P80VZraUZtR75BE3N2S8sxrKHBxUx9xMbSCu3MBeZ4pp2Eqd9SmL35vaororGqyCCFH-B39e6q65ZEFr7HbgpiRjs5G2cXAL3MoPli6VodKQUgcMgpgOD0WpuMyjxwpzl6rgDduWwvR4v5mejG8DXaNeUTpcmWPShQNMdXWQ863Mz8_9hOOiQNuceMdgJ4iYa6npF_2P8s-Wot-HUHE6ZSUPT-Y5C8AEqBkWeFWp56kRR6CyLjyH9JwHmAnI1BqnQ6sC3TDINaGmV_PhfL1_n8kae-erBIx15j1KmWaafm9SgnEvgH7LezkbT1-yW6_ZtVZMX-9AYBvMlDaSXR3ND51pYxpsdxowjbtDON7qqtOAxIHpCVKcoo_TkTQo10YgraKtkKzc-D-TvQRcjo10dqNPVLlyoPW30fbkxDvESXthTEEU7nYCegKFUIoevBAScuGPkDZKzjaEPXlPJ3x1z8yxX0AIZnkmK5WpZlU64yfx-OG2dBAZuVC4jrmeKyKkviPb83MnULiSVgkIPHQnbcVGo-656gp0PVhnsvBQLuyjJ4U099KZadoNcawV2DBCp12wz5XXc6tvwUHdPo4h8QL71xvAJAVYIOxNy2usFGUzvUsel7EKYmmxeWr6MwsiZty-8wZJxQDzCLBOtG3phsd5D-IyB7stkH8zUULg3DVFtFwcrRy6ZnNoTDvXZbLIOZ-FxbQG8P8WDBawV-A3VWqDM6cBtDGcdVJluLi4LBcACOcdvJKmEFqfRS5XPv76YNyuJGzb5no2Q89btLHMgelNQLTJ28o8ZMcwqweB_s7pEcS9WlkgM8IMz_ney43TKoXt8sYm8rxC6Jgkj8isurNHah1evbdRWJ5qr6VUzzIp0HMZpLnYANvzVqK0RZ4ekask0nc1A2eZKP_PikmireL16BPMgUOONQOi0FkM9Q8aSXVUsXPojFfDLke1yZHZPW8b1F9SQPHlQ9uplmgZ4ua4BoiK_QgXze3MoTGhJWBX_GWSGI1uKeZcFnAKwhi6vVA990agyxaB55VlSDOmesMkwFp7ABqBV9gpC4jGKUCnlbUtVD_vM4B-0Ks1qtgaWOAr3ci-EJsmQmgZCo9-k&sai=AMfl-YRg0dL7Nf8F-EvnndiVikQ-f8JMy-vQTv6CvsKIQD_tJV1jfuzWfUcrPwxwpCSNhqaw1_OBuAcWzmqptN2dxZsTaHHU6O-a72Hg-zrDsfnRrgqcLYKT2PlI7LLkayNhzvM5Xlsws3c5yQKyD_2Nj9XMiVmSOV596FnoeYxpDN3Bbm0XAgCMrrICe7ssb-r9qWhLgLKdybjqtDjfeg_x6MjbJAGQGFZAVIPATdr5roYhAS-KsqVVziNpCy4oA1TKB-ui2Prl9pFrW5Y&sig=Cg0ArKJSzDd8u52PtaSzEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30110444&DFA_PlacementId=369668928&DFA_AdId=560448615&DFA_CreativeId=168150841&DFA_SiteId=6958819&TC_1=cmmfbeajaux&TC_2=30110444&TC_3=369668928&TC_4=168150841&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560448615$dcmrenderingid|168075220$dcmsiteid|6958819$dcmplacementid|369668928$customer|Microsoft$dv360auctionid|ct=DE&st=&city=5722&dma=0&zp=28329&bw=4&DCM_PlacementID=369668928
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.150.198 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-150-198.compute-1.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: 52017b543f657ae282e9d0acabd4c6e6d5a4af7355d36850c21eadf6c0ce2428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: AMO-jAds/1.1
p3p: NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 6719
expires: Mon Jan 29 17:30:30 UTC 2024

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 6774 31 KB
12 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 03:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11931
x-xss-protection: 0
server: cafe
etag: 11828260617052087593
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 03:29:33 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 6774 12 KB
4 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 03:29:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 03:29:33 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6774 0
0 75ms
75ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsutQxq1wcMWNkkRZ6-YEXMyw8rtWLZUV6o_WD1SEzy8EClNKnEnJ4yKggbHM1_zfg_9kWnbvN-agZGX9T0T94sH2HU3NlsITfeE_GPCPYkrsdEiuJnfgndSlrV-oFPWcCAMVqklkSH3dFix01iEjTXWwPwQk3vcrCYz9HkCTO0VX_zaxPfO3qVm&sai=AMfl-YTwOXo2N77HoJWZJhQ9ek9b8BD_12LpxHMnwDDrtkZ3g2l4nqxNmsHG2HjGmm5Ilnr4toQu8VucifoNp4Lp_7CT06UanwrnkXI1_TdqkEbAQSI1tZ3tI035Riipfg&sig=Cg0ArKJSzJklm7BAkgMvEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20240122.05918&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 29 Jan 2024 17:30:30 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 614E 43 B
215 B 120ms
117ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=6c71c6ca-22c3-7789-a301-ec12c395d789&tv=%7Bc:2Iei5E,pingTime:-10,time:608,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706549430582%7C%7C62029db07133f20717cc7d5233dd0566%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C1022cf7f9b4df5875ca830c23a147d15%7C%7Cb4920c32ee20ab47d836edb0ab1609cb%7C%7C9dd49db76ffd3bf361746e67d3a47292%7C%7C31bf34272c517bcff808627229e4b6e6%7C%7C1352487e3dd1e1f50bcbfcd4f81e3758%7C%7C1663701684%7D
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 2A3E 0
39 B 47ms
47ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12733186&p=156191&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:29 GMT
content-length: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D8CA 39 KB
11 KB 40ms
39ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 905989962c208a8d440b7860d8100f46ecd47a38b7d3472eb529d811aa7f1892

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jan 2024 16:08:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81557
Connection: keep-alive
Content-Length: 10900
Expires: Tue, 30 Jan 2024 16:09:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC36 0
20 B 280ms
279ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5Z8BteC3ZZTGMI_01PIP4vqmmAgAAAAAOAHgBAI&bg=!qqmlqebNAAa8BdJLnAU7ADQBe5WfOFp8vHat8WqIQAKQ3rOF5Fol39ClfC5oe-IaKe2OIKOIepM4EyvmA1daEIwgw_UOAgAAAQJSAAAAAmgBB5kC_4umaDZ5I2HkqpgmL324lcKMy00wD8HupsF0ZL4JpakdJgCTcKw98c7c_WfhgUYw5RvWNFMSHnmOOXPJbXLMvdu0K7VZVPvrupmr6VnnZ_fArcVj4OR8cPojc47IoN2yCx33pbbiJ65HAFw8SMgdBNxoZz5PgWRM_sQl9hrGvDnUwnu-2SVrlHZWrFxWBxhPwdk9vp6ga_INjpnk9wRO-VmLPwz2QGx8mvkeEZqickUEvVf8WPSHoWuRTOQ_9I5LH7tpxPmouCHSo_j_eEm9E3izJ68crBsfonKxILVGp9zaZKQJdoiNRkzDDEuRVtQS1TO8-CvZ3rcrh8vzukUqIHfIcIsBZb_ejJB75MN53n8uAUI3YYBQFn0-BZd07jv3o8GQkGNmTlSvPjyGYscIHBJboDGLMJjTD6SAV1He1rsuTDMofuEqHkvAzx_b6wwSug_uP3hfqfiNUAC9sDVqw1_R3N2CA3jLKqgDFAXt_9VdOx1CSnftH7VVpWI-AXNcnzSA-LlxTbO12oyqNnaWhxp1NhzkKPCuC4cv3cphWXiHZoz_rHm0EiTXK91wwgix8kpQ-67Prlmg2bVi6uCidILsL09zvlu72SgvB4WjILZvFEPBIqALQGAWfKS0UiugR8NY0s5tzulUIVFCcqShqVMtyCeBiAPRW5bKIoaQ6aM7LxO_42Z5sGsVfSuAOdiXZT1RjkhCBX43Z5iM4jp4lAWrS3oz5jkL4iz_-el6td0tyWZRIYIUbZXwVyYMSeHwn3N9QY6ZuG64p-4Tj9t1YUeSZZwZN10MfOdbpNlbrGlEe7B1IdwB_UiOyFLxxsKh5WVt_gCBxZKs12M84OD9NuJqCIm-EkEdrGGtj7mDQTyUG7bR-gCGi_jQO8tGzTHa4Unrk0XTQSrx2gcqCA8Eebu8-o-EeiBT00yDWFoVWhvVRBgYrYBmoHKy2I-7jn3wX2RWSMYaKvADD_ZJtBMnHXA2Pib3m_taLZPtZzG8GWHdaxdaryrY4fzBpXUQwi-A

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame D8CA 7 B
380 B 165ms
41ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E805 0
20 B 307ms
306ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=ByfrSteC3ZeiFNOiK1PIP8f-gkA8AAAAAOAHgBAI&bg=!ysmlyYbNAAa8BdJLnAU7ADQBe5WfOFxO6lL0gUQUnVn_YtN64brjOD15teVuCZKE3KONXv_DhuTD377l2j6qMexD5RU_AgAAANZSAAAAAWgBB5kC_L5CUDLX1O6s3IlFAe9gJ91GXfV1GtKeRQ4lDOAjkKzAVYrRGNwiJZxdP3P19jLLUm-h-o_haEn8PR9lwtAMlmcO0diktrhfV9A-8874ZJRDFJIGehZHNVOi4ptu7lEKlj69tR-nn28Lk8QK804hRyLbkBrWJuuwPEJdDfoAC4DZ4oIaJP1sPpZPba1l6b3iUZwQw4m4TXrPwsLNSFNdnU8sU0aS3DAmXF5EJUmRQCFaVz_iIYO7GcHht1xSweQJs22CSlqFGH__W687_huoiKewX-IWFBQvXwHxkr9F9J40eKEDYKraK6HMAnBMLJcZmZxsjZv1p-RVLkwR7QscMPelNVp6fe-PAjIiU0UDnKq7PUFmZ2N0p2r7l8-hfi3pQTBcxlh8BXHrIZUUqt0rv9znZrdnSIawTxa3XaTR8HrMKToTkLbC6f3h0KoC1SAl88h6U5nibHp8Cfysk8bp6Qr-6iI_2zpEAYPvgkzwXScvulhwaFLeLNZxKZVeKZRKO15aEc0CmVgrOljJHqmQM2vnGmECNyubRHkTXEZ2y3mQOMZsHinLBA9UC_-6IOpZt03HSdldRi0wqbppmvwYpsMK2hqZ3Wgm6ISTw2ZqRcDRYnF9CyVC9xPppmVIZ4pQRakMCfuTOGPzgf6F5tz5fs_jhk0CbmzAq4ddCmKb1xwu7KEn-wFNA9ZTQoEW7P_A8UZc8MGaaKeIuJHNUBxesBZuJ829H9-7OETkFabkPayp1fGFYFGSe7nLd1FXs4oTSe-mUXDY-qA3FfqZc-ah1mjbmeMA9PrmbvRURZ5TVMX32RbSovRNGvpKFTbhcolgj8BTGpo5uNg_yBQ_4p9GVCHf00RrEA2GzI-NweBZiY7syuLoGnPqtJBmNaZFoP6LgA6iuCR8w2g2gIZT8zQJPj2BXqTjt8xIbWnv7X54TRhHx_au_gtNh5-Ye_-MUYMee2dJAhhBWOMGAHG8Rzv_bmuVll1EPGrInat4e_5dvyt_RB23hf719DrA1Zzr

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 18F9 0
20 B 279ms
279ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Br-2dteC3ZfnUN8nn1PIPwouCsAMAAAAAOAHgBAI&bg=!pKelp-jNAAa8BdJLnAU7ADQBe5WfOJ-Dw8iEOrTCZf5iNswrVZ3YPED1CNhxraQMLvECtaH1sApIsKsaGaS9a9FEVThTAgAAANFSAAAAAmgBB5kDCq4L96vAESVJiGk2Nf34wrn0IU29Whj9WY6sZJVYgSFw_cTKgecApXtLzjAe32AlVUtGFKGEzUl9dQIG9gQQO5SNB0TTZ9uB_UQvSF2aV_G_RHpxxPIkqGADfvxvo_UD62xLI05EABb0qRE_JcCpfSP5YyQk9cxvaf9L198yZR3FpIjP9Rjqp_HPoXxBeZylIGa9zdvLzMOy-wkQQPjwK-_36XbrOqE3fcOmff2gzJ59xxanCREtgwFZeiwCg1NzpT_8Y9atj5lzW1XGxKPEAs9Py_6xVrpoUtICncACG6oMTLO1AT7qdnsE_VJhPu79dmeXwNP3IpOss7yo33IB1MLXv9LvYSOBH8vZ_aLwB8jz8gJlpDz9WedLaoB4XvKBgINAWtfMSsGhkoouPuDGIFhAPP1axsFPZR5cDSLNEh3PeNiROjHhNcr8PTjfxNHK1ujLtYfkLBbhNMiGA8kBKAhtcok3JIM4IBr9XlvHK9H8Zpvzf5bqoFrX47kSF6hhcL15e4Jyxs53FUr7oB2Uzasq4DaG8lRQXwXU5qiCrfWEfcynMhClyZMUcepc-qJPkdeQ76feNc836BS8cqQiul-briQhDSd3TvHSqWyFdIHgxLHhUjWA68XKVT0d-T6xdC2fIbXp-9d16H5_ykaIQHXdHjH3pG1_TbcFfSo14PnCnAxca-0p59GZMLS71SbFh6MdbSwWmSM8N0Gqh6_Lpy0NnT_N3alaK-FAWcFdkIFC5QiqEXhWnhhtvIeXh2ePtp9jxmyEZ5LQ17hhSZcS_nRXkVTbOWPe9fkWsn21Vpl1YsX2aOqMQmF12up_HKHj95UHcGmkHs4G4JVCmR8sVeYmseVi1kRtxKutAv4dlAZTYhFTfbFQ74gFSghejwHH7KxER6x3C8aW57Dt44Rf_9RjZDHhhsQVVdF2Kb3j700V1xD7rYx56cUIGxoHp_WCemTh-5BWX1VLppYkq0QMoeLuqM4c4EUJZjKgb_PIpD9Ull2fjKm-Kx_MJduGlZj8rXi6FQ1NrXmyUwA

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 40B6 0
20 B 305ms
305ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTAdEteC3ZeGrKorc7_UPnpmK2AIAAAAAOAHgBAI&bg=!paalpunNAAa8BdJLnAU7ADQBe5WfOK5Abex9_mpHXOAgEPw6UdV2UegeyOp7bB0N6TG3MIuc1-HVb-L1yW4BOR4KETXfAgAAAM5SAAAAAWgBB5kDCGUC54b8Q9d7MPQDRzjjq9oe1ixpHuOSn_d8gOlaAQ3jPhJR4zREZMtFbETdjZ4v5wX8jZo6vqLh3aNU1nGGbuYcwXNUkF3bnY1W0STbO3YGKML8qEY-vwIAN0aRH6ker1uoODWii25DLXNQGS81vI5IhxX6HV5XVhPPlasfbf2QwqzYCyCV9R8d9uQ5612havJWr_LL3ivN_aWVqEIJEhE_Kv3ntqBeM-Jje2Bbss-PSKCnRAPHWA1upMog2IprQr40XZW0GLyVu3Q5KkrFRfwzCmXC9MUHeXFTLXKkyIypz5UwQIG2xb_bUjnMvBnLGI9A1jCdklCDNHuUWlJDjsSkaQQgB6UrKRagYlFbVjN_1yvthJfYkhLHICcX8q_DTfe_AOhTqOs9zoIpQrjvK5yH36KBt1jwrzxJMSpaN6ZyUYsUXeJ_lsxXgnoNgy33Lg2fOegdThez-QxvwHPIxPY1GiFJTHvRehenXi3Hoo6x8DSEsD_OBLnv3bGnqGMX_BIrPljZnSEtY11vGNz8nb-qv_wH0oph2cL4ajQP5amM3hmXnpthXTI1RjttxfsSLIT18_eP9GmcyF2UL9WF3cMdJAKtW-SqM88XUNhexlJmkckgRAFvV4ENFxdp2NsAXGiCfku8xtnf0TXYOR01dIAX6s22H717lEPi3EZORXnfhaf-RjeheWds_D5SKWNQutrDrVkkghFd_wpurfMFpLrSmky57uy8ga4KVh2JMozFI1ixYWrljsSQ8HCdrV3sKaEgXGCbTxVumF7LZM63y380t7vcU_4sMsShTPW1rcU24JOB9oPc8WYWyYuAHHCR9e9BVYfj3wdLQmVdmG0ZlFgsn6LbpMjep2IEA_HPdDskNbXuIpWLd2lw67LbMR0oOkIgh2IIAZ_Hje3gK3BhQJ3KsCcHjAufixAWRmP0jfUOTi8acR8PJ5P7hbrOnqgTRrz9JhsLq1LlR3CM3LyomT3CulzBoMZuzuTd3M2JaJnGKs1V_GqLQr_Ez2xbNg48sS06lKpwIQwo

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/24651/ Frame CEA6 11 KB
12 KB 226ms
226ms Script
text/javascript 54.161.150.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvHRqi15uJToMQptAxLJ5AMy33X6dgTXo2J2yDD_w4uvim_O3EBBRFEzLL4CqkR0PKIe9nAkZiKrY9e5NuDcXBJOcEIneCtNWntGjy6xb8XF6tNNeA22LV3XiUN7MDbB1YPnovRuZX4nFTtZ_9va-ct1PXC9loI17ZIUaStbIRhH4OUZHNLQerd10wKMmPHNx1Yr_MoXhpGyWDVJsH-T-r3KRGVMQ4aY4wx7LTJxIUW7cVuLQayoAWo7TFzHg4N8TQV5V4wFPIc0cQN0-tsRyzMwqkZ8RzobIsoL-SkFwshM2saXoC9ZEmhm7a5KdiSYRsWbgSeCVbqbljVolJH0kv2Da3zVYCIUhLxNbL2QFW9ylsgyT-UVzCB8h54iRE04fMhPqfWZSiotLNTg7YVuGhSGDzCIsz0Q5gkUA4o6HM5rEyk5LTlyrOVk4pN0cjaVCr4b6ddEZVqTA3RM0vDszErsEyQGPLaMiRxBhavoXalgV2cw1DBf0PaWzK0EsA9q_FB9NLSfFTEGzdIKhFG9CXEqtmOw2316WsJRkR11jcInpu6v0pjlpYRizjsIZGGYRvJ_DVbEjxd0EJJwsdV4DVIEtaEQ1L7IGMoL2YNyWCt5yVtNWI4-IrO9tqwjV4o8Tg1KLEL1MdAPitrUMZjszT9Nja9h11-PYxZjviuT4zasPegH1OLetHdoLCje8Zmz9l_cWPQaETx6TQjkez-BQMRzx2GMRpndPx9qn2-9CyVFiu3y0CfHc8j69HO5_DsntsppdRe8EvcDgssFbPVwg2gDThJuzKX60wSbCB-pCQmNzebQe2ucYIvIyHoC8pYiK6lbPdGHfqMrweRGU1oQKS-2x3lgmEf1so1p1rBfucC3Q1i4so01tc10oMx6FXdeBpr_uKYU_w7T3KO-bgeF82XBd1BaViSdtVMiVkJDNdkLIWSr6LX56BrzGZJuRumlNMMSY3eaTDVy1kTCJ-qQ-qo3LJqnmxq7_Vyo--wa1nPyDLjSUAvgCDMn_MeJclyggj63QXlD5uvFvhb-rjNxN94uNnuDlfZvyLToxj1v382gbtMTTF8J-pJwR8FRxI1p03bWcxV6ir3e6N4nQuZ6wn7JEpZcejfhz1fmgGJrUUAg0URGTh3J6BR0R7-f9fBPmcOuar79AU3fCtawdQIUZNL5aLsgfpvb0BB-8DFdAnbp5Sz0EQsavgtr6R5yerHJUqupc7xM-r0xR_OtO4uBVZNYcwI5QhSdjkE3kD9s3XpH7P-AGAQXrfUPYNnDl8xOf0t3EShmpS9YWiWfYamh6P1Vxq0B37-LYxrXxdVEdEkYFOtzM-mY1dlfByPL6D1Evb6oxkfiFlGfkM3hdBTYH8lGg%26sai%3DAMfl-YStlBd-Smx4ALLXIIotTzjHdgxnlp_ZZS_3ZQ8dgPu9jf-QE21zva90yx8HFdQoNQnBcniZnHiH2JGtsTuZb1lOZk1a2_W7oaOQUPKPGhrPeZoT_dGgQ_-08qVUpLxMahWzUGFGaFiTh3zPhUohz3F6geKvxHljYQuvCtlMZ2fnYx3aRSEi57QE88Xe22snO1Z54i_Iga9BN7hhkcAhEFuoFKbgvW1eF727NC9CMG0cUjPBfCuBtqoRFOZXLxpr4K5z5thS35Xw0sc%26sig%3DCg0ArKJSzF8bJaWVb8OOEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30110444&DFA_PlacementId=369668928&DFA_AdId=560448615&DFA_CreativeId=168150841&DFA_SiteId=6958819&TC_1=cmmfbeajaux&TC_2=30110444&TC_3=369668928&TC_4=168150841&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560448615$dcmrenderingid|168075220$dcmsiteid|6958819$dcmplacementid|369668928$customer|Microsoft$dv360auctionid|ct=DE&st=&city=5722&dma=0&zp=28329&bw=4&DCM_PlacementID=369668928&edge=y&html5=y&nr=0.47691104142363594
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.150.198 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-150-198.compute-1.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: bb09eb5a1bde7920c170d45c7654501b5c352b97290ac1fd48b68cd9ee0aa57c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: text/javascript;charset=utf-8
pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server: AMO-jAds/1.1
expires: Mon Jan 29 17:30:30 UTC 2024

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 300ms
300ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401230101&jk=1030135560806665&bg=!XV6lXhHNAAa8BdJLnAU7ADQBe5WfOOx3Vol3CuThZ4xw6A2DQSCwkAvfyo9h726RDpkpd48Y6VemLdSbVfedEUZTSl_xAgAAAIdSAAAAAmgBB5kC1YEU2_iX2zrXrYlfEIHLoLANWn-Rb2GJDzA_khtaGXdtb8fhqH6AmqOddVpF38Qg_YdLw-oZaMPczUoMiTQjBUa83r8tigc61nW6gvpHnrOziPMVHsgR9RERPtmwzOx87UabV14E_sngo4PfNk6LhC8hYSrXDQZo_-lf-hGo7V2E0BbUUeFV_Q81AkJumJnIBeTbGIypFyCm9eQkzRO01IVDqLC8IJk6NluotehM7EHQzQc7SJ9b7VcwtCTPwTdAhX_X72J1fVi6LTyYgFD9WzLgyCpDMwaPwQj6yPfk39nHVAZ-DK8R-W2ODViCHUVhr6bCIWychpmn5pRnwjnXhmZTV4Jam4Xq5yDce9S3_RzbT79qCRub6xudvxRBQ3JD3LChSFr7q-v09cfdzjg9JHkeSF3Kt7290Ug4hILkXhi85Vc5pLTdQ0pKzuJvKWrzBZiHg07aIIzKymkrIeAN7togWrHes2nRSx0v_vMt0139-ykIOI5QPlNlO-ni33nd0vrxRu1dH7Zals_mxkG7lAdbfWZ6lfhw98ATQCWKGiyrqBl9qK-c3O-Gsu8MD-MMIBdnzXmMt0VsoBQhlf1REfGXtp3ahpEuDzIcoZH48slBdAqP3B6-k2ATI0CzcxdDTcNSB-YSfVMVHkDmq1ls3e4-7mfZFbsAbwKlUuQgN_eldi2al-_HfY9rLn7JrBR7-_lUiRTZZPziqtvHAwfuvLr68Vxy_DwfB--FF_xhsTgWXSMhowMCrn8Ye-_jtyy5xJCMYJGNRzcoTH_KcrsjV182A5y8nzLf9wNkkjO6SgxfByXQv2zkgFAaxYqhFA3IS8lRxjPnBBYoR24KTWKT24mZ_4fR_odVuj8g5HYUl2UzX_HT8g7uHwLgKynxrSPbP1ok4gjsFSVKboq0tyjtVJPrFV2KGU0ZbYzR5MWKPi0L5K5WgaJBxHmAEtvs-EHWpo_1rC68
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://randomgenerate.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/24653/ Frame 614E 11 KB
11 KB 126ms
126ms Script
text/javascript 54.161.150.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/24653/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjst4_7BA-nu2-Vu9M5Hz5yRe7rSg4DIzCdrXHDiBWOBmqbAFzKWiKgQnfkTjr0nuS82qBCZC1Y9OyFjmY_BLPBfAZvi_NndQQar5O4vX_BlinNkw22mTyixkXoOPz8ZoFlH8CveLAXReQih0MjasoPEoB-rfT4pOMgAzNIRas-qvGNjiFn_auM_5XLGJaxf7mLDaQBBcd0FO4zQKGJapTPFZ4NYr2Sub2TVpwSU3MV9sEakgCVgzb0SLoBEdta51FXkjgCm-2QdfC1rHRu48SwjMZhvRS7GXEYs-w_0mek2vCE54DknG6WSGVXzmniyvROfYjYvTbkTTZEiWLxprbqZUmByAPHUaAmYaP0RpYjcqOAQUdQlSeE-ijsyW_dGbhz-_sDvlpecSYcZCajSyTcUunSgAFdpZiPJSuG_Yt_g3lRWp9GxLfR6swxOcKkX2VAfMYJfIg7qcX6RQEg5JukOnvwhfdjAlkzzM1xTls-wkEGjCdOPs_gZOfAmdd2I5-p60xcWqHTl-Vd9hgIo3eo-MymRfu8uW-OKX6PsyeiJwF92D14UYqtWTO3_UQW-_NhjD9UEfMUhX65M993ZFoNHsUqbRIyeRil5zDUpyr7CiOTuYBswh2d9wvubV0U5fohyOrf0vTtK1dyO3LH9TUuQLCYyQh5vWc9HBogH5Dyn4UWkl5flwAFaRIAJ3v-zcw5gFqJJR_sboj0eW--LXUzok39yzirucEHjlBIKe57w68F_-ZEJEbWCV8XtZBDweZpG-q0sZlII1kYPjqHS8g03jD95M-4xntnJreSxPLUQZ7PZJT53W8ySL12-531__t5SxwHtLPDK9q4f1pfhPpy-ArPKH7GIH281IReNopVS1Haa7QD9igZV_K9-not6KPZs6bU8Rt36vfX8ZxIu55CNz1n10QLai1qCC8V9mJpMkoyfvNgh4KqHbC96ij11VTxDx2cRGupCzezclg-g__FHl_Yb-zujCBtvYuZVsDTXxjvZJnKZW7M09HcTzzt3ddf-Www1OOSE9jJUyEoyN1YoTJehPdaCJWOmOgBC1Y0ynkU2lZEm7uKChvMLK4U-Qj56WNg0kXYrrJANC8A6_oJTpPhmraTZwKXRhLqKJ-WEO8hGKfv1KKC2G0N7ZsuY6jx8qiP7_fPK0v-bt5r7vduom8lvPvdPuVBFGlBWIanq1OXmPTWUfn5wuLVBMA4rUtkgJ0_DMLSNxX7ezuGjOlayKfDU7MOBtDP8vVgakBwnZfQhtqZZHRdox6tUcJMES-c5--CeuJlxdF5MCxjTK2LAdbfMOeiwTIcnE-am1buHH-OBuCBVq_8DbRJDnvXhNrzPEAApTn7rKgIlbBrBvMnND3zz0SQ%26sai%3DAMfl-YRXxb5YYlepqNX_SfGFA5ESeDpab6MFC1rZS-s6oTdLt32o2L5fou2kVokhLajBZnA2l3pEX1p8dj46J_hlTyxEgJRnf2ZJr4as1U5k224HlSjVddL5TurBp5f6JrL7BmWDUJVSBwE1c4j1f_AYH3n7WUL4JZmgNu4NBzJN7Whx1OXtionLPEO5NvGKwJoYHfRAHllptAC2yuOWY4BCIVV_ys_TshJqem8uu4fpuTQLTAgH7dFrTFOn2pCR0658_Far0B1GyuhhDT0%26sig%3DCg0ArKJSzOdEDR34mQ9TEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30110444&DFA_PlacementId=369669180&DFA_AdId=560533384&DFA_CreativeId=168149131&DFA_SiteId=6958819&TC_1=cmmfbeajaux&TC_2=30110444&TC_3=369669180&TC_4=168149131&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560533384$dcmrenderingid|168595328$dcmsiteid|6958819$dcmplacementid|369669180$customer|Microsoft$dv360auctionid|ct=DE&st=&city=5722&dma=0&zp=28329&bw=4&DCM_PlacementID=369669180&edge=y&html5=y&nr=0.704443961994621
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.150.198 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-150-198.compute-1.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: b8661a04701eb6a4972852d7ffb3874e5174d33b69defee1992351190b456195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: text/javascript;charset=utf-8
pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server: AMO-jAds/1.1
expires: Mon Jan 29 17:30:30 UTC 2024

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/24651/ Frame D81B 11 KB
12 KB 125ms
125ms Script
text/javascript 54.161.150.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsu0cxk97opyjAxax4M_oUut9LyDpvX9sxs9IQaYWFS-DUppLpWKdqB4cCIum4caaCeiRfquWaGaG-ujz0Qyn_Z_d0Yb9AKj_GlqqFOKSlad5KFWARpCIjKXXfJsIuWt6TOt-0vYTwNzE34HSvRVkuawm1tBSzuWUimXWLYTaHHa8lpppNMGKaBkVbxhklYMBOxJAB26eX4Z940-B47ShcYxMnFUHfgpnn5jVAFPkDhMn7bM2MzPRG3P9F6tmpQhPWxkOxTYzdOgqxQPw5fJQk_n_XPtkAgUtqL5EtZjGsqMrq_37jsGVtcy6xXrKNrHlUZe4DCJfUpCnOcpch9aDNzuUxdq0slLk2Tfe8VWDxiUtF5r5VeRqJWaLL4-KN9egX6ID29iiGJ3PGt_UHLnp2q7d7KER3GgXlSDXOT3Xeps1la0k6b3pBHdJx7xXPPxUcNQg5i2F7yAi6BnXNOFeDvbIp3DkWveA_5PBlTbAK_FkPbkuUqj0NjP1idXnS22-MfYRm_Gc1N2DWjcSuDz6XHdDjm31BjimIRZjUHaendhcZ_l6zEQqMfODl_3q5hBcYYUkrhHXSVsDcWaxFiOlZ8ErmDBMahlhoL7XdCXoBRBSg6aekZboWYqE1enqxYX8PfN0bklJCheZKiSw9giZrXhvxhYH2veFjj2hoLXRdM53B_r7EVrw3yztCOI_S0zmVY27v-xrM5-iuzSC4s64mmngVEHeZkPcNx3ZIkusRntA9JHckUEPpm8EWup1hOuRnHkmgHZrj5rmheZEqTvQLigWBN9j7VMve_Ax3BPDp5BMGwHcoUp9_OOOFzLgrohmmEJp2_w5gpZN457-fv8c5NMgoJe2exXR2q_AHLzobAJ5eGDb6RFXL3ztWQi5nG3_n6uS9b-V5X-W-22Q3UV13rq9xho-9G93h5Mial3q516rISLfQ4-ogz45s4MQ9SMuw534Ik4YL9sWKs8Y1AecQtG32ZqA9AMH5AupjWhHMMQqzJUmpcg2WWH7Y6KmH4HgkUUc_ELciTCQAdlnTXOlSoCu5VaooZKr4x5JeKdSupkMg06NZVG6nzVKrU2Zf6P-kuHp9ix5Z7QMpnJJuvVdV4Vn2Rw18tP2vAIQsP1MSFxmAXAlL2iLMa2YHsVvuRmXDKkbm-78hlhRGxI25jQwvrUZxuv7WEekTh1cLItbZE09uICauIatP4-oAUnpeL4-lw4Qd3tuXH2hs1wh1Gsp5TVvmXL5I4H0oycPXmgGnQN7ARdERpZH5ssSY0i8hbPYs6iFJp5Aw4iMaz-_6LGm2Fnjw8wIgRYDc4oSn6B8clFiVdI3tCP1fkPZWAuRPSgTHRBANE4ybt-a6Ddy0y36zkr7g%26sai%3DAMfl-YSTxDNwpdMkhFOusu4lloAQ3hCQT7O6CUBk7t-76UVqKb9OuOy4TS0q7HtkYKoTD9OzcKCR-IRlZwRrZ6RLRieZ0ifLSgmVuui6WU71ENwHhgzdtGv7NSH1ZU1wVaCQnnhnjPF8bpq2xwxIglLrmjZVx8pdxnJbEQ4Uygb4LRnRaF6m31e9wOXt90QHlj1VHJlw4j1H848Af3ytoKpXheHEn1vf3X7ZizrsPUmu9QsNJe_bVBScRFd4yZ18ZCFmN8JNAZB2JFvcSK4%26sig%3DCg0ArKJSzBU3qy-oH-ytEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30110444&DFA_PlacementId=369668928&DFA_AdId=560448615&DFA_CreativeId=168150841&DFA_SiteId=6958819&TC_1=cmmfbeajaux&TC_2=30110444&TC_3=369668928&TC_4=168150841&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560448615$dcmrenderingid|168075220$dcmsiteid|6958819$dcmplacementid|369668928$customer|Microsoft$dv360auctionid|ct=DE&st=&city=5722&dma=0&zp=28329&bw=4&DCM_PlacementID=369668928&edge=y&html5=y&nr=0.9206446372240258
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.150.198 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-150-198.compute-1.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: 9fd11c505993983e407169e0082f25c97da4892c9af394fc14859eba26afac50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: text/javascript;charset=utf-8
pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server: AMO-jAds/1.1
expires: Mon Jan 29 17:30:30 UTC 2024

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/24651/ Frame 6774 11 KB
12 KB 133ms
133ms Script
text/javascript 54.161.150.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/24651/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstb3-3ZySd5kX1SkUDIvtw7gL9h2MvdLRiYF0tj7MW3YkSiyjZqEe1eRPGYBWssT1Omx3N_gtIlnFrQv3vgCsxdYxzk2QTja4TFW3Cww0mW1BFmGYWW9mXKA_LbO91zQKZcB5bFis5qy568SkdiTTqQUKmfq4n46hwQ45CsutVzdqojnsHw5fs_RTVWFndXHD_Pi3vZgMnXgSKkx7XrF4VMAE3XG6z5f3iBEiiqZB1sQ6KogXwBM5Ou92yo7y6krRZ7LDxI17P80VZraUZtR75BE3N2S8sxrKHBxUx9xMbSCu3MBeZ4pp2Eqd9SmL35vaororGqyCCFH-B39e6q65ZEFr7HbgpiRjs5G2cXAL3MoPli6VodKQUgcMgpgOD0WpuMyjxwpzl6rgDduWwvR4v5mejG8DXaNeUTpcmWPShQNMdXWQ863Mz8_9hOOiQNuceMdgJ4iYa6npF_2P8s-Wot-HUHE6ZSUPT-Y5C8AEqBkWeFWp56kRR6CyLjyH9JwHmAnI1BqnQ6sC3TDINaGmV_PhfL1_n8kae-erBIx15j1KmWaafm9SgnEvgH7LezkbT1-yW6_ZtVZMX-9AYBvMlDaSXR3ND51pYxpsdxowjbtDON7qqtOAxIHpCVKcoo_TkTQo10YgraKtkKzc-D-TvQRcjo10dqNPVLlyoPW30fbkxDvESXthTEEU7nYCegKFUIoevBAScuGPkDZKzjaEPXlPJ3x1z8yxX0AIZnkmK5WpZlU64yfx-OG2dBAZuVC4jrmeKyKkviPb83MnULiSVgkIPHQnbcVGo-656gp0PVhnsvBQLuyjJ4U099KZadoNcawV2DBCp12wz5XXc6tvwUHdPo4h8QL71xvAJAVYIOxNy2usFGUzvUsel7EKYmmxeWr6MwsiZty-8wZJxQDzCLBOtG3phsd5D-IyB7stkH8zUULg3DVFtFwcrRy6ZnNoTDvXZbLIOZ-FxbQG8P8WDBawV-A3VWqDM6cBtDGcdVJluLi4LBcACOcdvJKmEFqfRS5XPv76YNyuJGzb5no2Q89btLHMgelNQLTJ28o8ZMcwqweB_s7pEcS9WlkgM8IMz_ney43TKoXt8sYm8rxC6Jgkj8isurNHah1evbdRWJ5qr6VUzzIp0HMZpLnYANvzVqK0RZ4ekask0nc1A2eZKP_PikmireL16BPMgUOONQOi0FkM9Q8aSXVUsXPojFfDLke1yZHZPW8b1F9SQPHlQ9uplmgZ4ua4BoiK_QgXze3MoTGhJWBX_GWSGI1uKeZcFnAKwhi6vVA990agyxaB55VlSDOmesMkwFp7ABqBV9gpC4jGKUCnlbUtVD_vM4B-0Ks1qtgaWOAr3ci-EJsmQmgZCo9-k%26sai%3DAMfl-YRg0dL7Nf8F-EvnndiVikQ-f8JMy-vQTv6CvsKIQD_tJV1jfuzWfUcrPwxwpCSNhqaw1_OBuAcWzmqptN2dxZsTaHHU6O-a72Hg-zrDsfnRrgqcLYKT2PlI7LLkayNhzvM5Xlsws3c5yQKyD_2Nj9XMiVmSOV596FnoeYxpDN3Bbm0XAgCMrrICe7ssb-r9qWhLgLKdybjqtDjfeg_x6MjbJAGQGFZAVIPATdr5roYhAS-KsqVVziNpCy4oA1TKB-ui2Prl9pFrW5Y%26sig%3DCg0ArKJSzDd8u52PtaSzEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30110444&DFA_PlacementId=369668928&DFA_AdId=560448615&DFA_CreativeId=168150841&DFA_SiteId=6958819&TC_1=cmmfbeajaux&TC_2=30110444&TC_3=369668928&TC_4=168150841&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560448615$dcmrenderingid|168075220$dcmsiteid|6958819$dcmplacementid|369668928$customer|Microsoft$dv360auctionid|ct=DE&st=&city=5722&dma=0&zp=28329&bw=4&DCM_PlacementID=369668928&edge=y&html5=y&nr=0.4120061563652382
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.150.198 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-150-198.compute-1.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: 5dbe9ddb3608025586bc6816d2fed0d0d0456bb10eab77a7d7047cc93074343f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-type: text/javascript;charset=utf-8
pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server: AMO-jAds/1.1
expires: Mon Jan 29 17:30:30 UTC 2024

GET
H/1.1 200
OK html5-ad-script_v4.html Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame 3D9F 16 KB
4 KB 165ms
39ms Document
text/html 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAADygeplFZ
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3934
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 17:30:31 GMT
ETag: "1b5be864a-3fce-60eab39e88480"
Expires: Mon, 29 Jan 2024 18:30:31 GMT
Last-Modified: Thu, 11 Jan 2024 13:07:14 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 704C 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 30 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CEA6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59705e5c17faed92b0d66ee387c7c78b2d9aa7019062ac951ce404fc09e353f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK html5-ad-script_v4.html Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame C3FE 16 KB
4 KB 46ms
45ms Document
text/html 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAAN_hZ3lDB
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3934
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 17:30:31 GMT
ETag: "1b5be864a-3fce-60eab39e88480"
Expires: Mon, 29 Jan 2024 18:30:31 GMT
Last-Modified: Thu, 11 Jan 2024 13:07:14 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H/1.1 200
OK html5-ad-script_v4.html Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame 3A11 16 KB
4 KB 80ms
41ms Document
text/html 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAAL4zSeCsT
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3934
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 17:30:31 GMT
ETag: "1b5be864a-3fce-60eab39e88480"
Expires: Mon, 29 Jan 2024 18:30:31 GMT
Last-Modified: Thu, 11 Jan 2024 13:07:14 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H/1.1 200
OK mraid.js Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame 3D9F 0
390 B 119ms
39ms Script
text/javascript 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAADygeplFZ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAADygeplFZ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 11 Jan 2024 13:07:14 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1b5be864b-0-60eab39e88480"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H2 200 getuid
eb2.3lift.com/ Frame B2D2 37 B
139 B 42ms
42ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 200
OK html5-ad-script_v4.html Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame D6C2 16 KB
4 KB 102ms
40ms Document
text/html 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAANlvOekSq
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3934
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 17:30:31 GMT
ETag: "1b5be864a-3fce-60eab39e88480"
Expires: Mon, 29 Jan 2024 18:30:31 GMT
Last-Modified: Thu, 11 Jan 2024 13:07:14 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F235 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 30 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 614E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 955e7adff45d5f8f8297b6a0506103bb1f413329cbb3af3998dddfbec9bc1ca8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 441C 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 30 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D81B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6df8f0196f61b059c0192e58428b33e52afd3fae2cd34313d833716829d82e5b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3169 1 KB
643 B 39ms
39ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 29 Jan 2024 09:13:30 GMT
etag: 48472445140208031
expires: Tue, 30 Jan 2024 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6774 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4c20c0874c41340614d3b28dfcbfdae61ad929b1c76c53100e6ad81cc37d9eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6774 43 B
215 B 117ms
117ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=b7e846e2-d4ab-a3ec-b803-79dc6ca0f9cc&tv=%7Bc:2Ieigw,pingTime:-10,time:1157,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706549430582%7C%7C62029db07133f20717cc7d5233dd0566%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C1022cf7f9b4df5875ca830c23a147d15%7C%7Cb4920c32ee20ab47d836edb0ab1609cb%7C%7C9dd49db76ffd3bf361746e67d3a47292%7C%7C31bf34272c517bcff808627229e4b6e6%7C%7C1352487e3dd1e1f50bcbfcd4f81e3758%7C%7C1663701684,sca:%7Bspg:6c71c6ca-22c3-7789-a301-ec12c395d789%7D%7D
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 704C
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEGdO9Jp_e7ls52PApx8JfiY&google_cver=1&google_push=AXcoOmTHPWbTMphR0HRgFiKTBusiVD1TyYqfHsMJ2B6I7nQEc55-ltD2XocVjmhluqinXE_nbs9hXQS7wRY...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTHPWbTMphR0HRgFiKTBusiVD1TyYqfHsMJ2B6I7nQEc55-ltD2XocVjmhluqinXE_nbs9hXQS7wRYuvqCDFgW87GGgDGCepA&google_hm=gY5WBB_LSiei5gfx1V...

170 B
188 B

51ms
51ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTHPWbTMphR0HRgFiKTBusiVD1TyYqfHsMJ2B6I7nQEc55-ltD2XocVjmhluqinXE_nbs9hXQS7wRYuvqCDFgW87GGgDGCepA&google_hm=gY5WBB_LSiei5gfx1VzWlGc

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:30 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTHPWbTMphR0HRgFiKTBusiVD1TyYqfHsMJ2B6I7nQEc55-ltD2XocVjmhluqinXE_nbs9hXQS7wRYuvqCDFgW87GGgDGCepA&google_hm=gY5WBB_LSiei5gfx1VzWlGc
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 704C
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESELItfHpwJs7N7_oWqQzH3yk&google_cver=1&google_push=AXcoOmTbCfZOgkuwEUVD8gNDE_Hx9Jjfa9gMXfqqD_R3ojCa6GF-SxnkE1vz2MhSAIR7IiI3jjV4lagkkzX...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTbCfZOgkuwEUVD8gNDE_Hx9Jjfa9gMXfqqD_R3ojCa6GF-SxnkE1vz2MhSAIR7IiI3jjV4lagkkzXg4l1OY_ph8Geej3khng

170 B
188 B

59ms
58ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTbCfZOgkuwEUVD8gNDE_Hx9Jjfa9gMXfqqD_R3ojCa6GF-SxnkE1vz2MhSAIR7IiI3jjV4lagkkzXg4l1OY_ph8Geej3khng

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmTbCfZOgkuwEUVD8gNDE_Hx9Jjfa9gMXfqqD_R3ojCa6GF-SxnkE1vz2MhSAIR7IiI3jjV4lagkkzXg4l1OY_ph8Geej3khng
Date: Mon, 29 Jan 2024 17:30:31 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 704C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEA-Vk3TTIFP69PfO0K4Zu4M&google_cver=1&google_push=AXcoOmQwnfzUGwNnWt-5YTw3ltFO8tMGM6TzxucAtlvxE0s1I0MTKntFdkhBoLQcyAi77CSkmKzrQ8OKfwWBDV-gWmMnzwy...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQwnfzUGwNnWt-5YTw3ltFO8tMGM6TzxucAtlvxE0s1I0MTKntFdkhBoLQcyAi77CSkmKzrQ8OKfwWBDV-gWmMnzwyZSAiTzQ&google_hm=eS02cjFRVFdSRTJwSDB4...

170 B
188 B

50ms
50ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQwnfzUGwNnWt-5YTw3ltFO8tMGM6TzxucAtlvxE0s1I0MTKntFdkhBoLQcyAi77CSkmKzrQ8OKfwWBDV-gWmMnzwyZSAiTzQ&google_hm=eS02cjFRVFdSRTJwSDB4UFFncUVhZXVOZmp5aEpXaVBDSH5B

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 29 Jan 2024 17:30:31 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQwnfzUGwNnWt-5YTw3ltFO8tMGM6TzxucAtlvxE0s1I0MTKntFdkhBoLQcyAi77CSkmKzrQ8OKfwWBDV-gWmMnzwyZSAiTzQ&google_hm=eS02cjFRVFdSRTJwSDB4UFFncUVhZXVOZmp5aEpXaVBDSH5B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 704C 43 B
94 B 52ms
51ms Image
image/gif 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEXCW3m4SK8WeEQ7VGTKt30&google_cver=1&google_push=AXcoOmRf5K8nG4FZTsBpYjr0tAbmMAkbNgYQ5VQlzI3H4mGOKsrDedw012Alexj8Xey1-BEegOF1TjIvrShYDxUuqr0RAaKwjc_VMA
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 704C
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESECX4aIywDMFaSFu9bvYhHVI&google_cver=1&google_push=AXcoOmR0_JWgohAPwBo1sbFfd8_K4pj2Io1ntj4y9yfRbCPuUT27Zi0RuH-2rUQY0-vSGmErF3dy0vylz8oHXoXFifHDIroUz1JQ
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ5NTUxMDMxOTA4NTUzODAwMFYxMA%3d%3d&mn_hm=MzQ5NTUxMDMxOTA4NTUzODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR0_JWgohAPwBo1sbFfd8_K4pj...

170 B
188 B

52ms
52ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ5NTUxMDMxOTA4NTUzODAwMFYxMA%3d%3d&mn_hm=MzQ5NTUxMDMxOTA4NTUzODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR0_JWgohAPwBo1sbFfd8_K4pj2Io1ntj4y9yfRbCPuUT27Zi0RuH-2rUQY0-vSGmErF3dy0vylz8oHXoXFifHDIroUz1JQ&gdpr=&gdpr_consent=

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 17:30:31 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzQ5NTUxMDMxOTA4NTUzODAwMFYxMA%3d%3d&mn_hm=MzQ5NTUxMDMxOTA4NTUzODAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmR0_JWgohAPwBo1sbFfd8_K4pj2Io1ntj4y9yfRbCPuUT27Zi0RuH-2rUQY0-vSGmErF3dy0vylz8oHXoXFifHDIroUz1JQ&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Mon, 29 Jan 2024 17:30:31 GMT

GET pub
cs.chocolateplatform.com/ Frame 704C 0
0

GET
H/1.1 200
OK https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 704C 43 B
235 B 43ms
43ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOi_u4RGPzcJs2k71WKGdfs&google_cver=1&google_push=AXcoOmSV8uVSuLDWHs2eDuy5kVJ8E5N1M5w4uc-e_RPcLnQvZkkFog2OqC9a6rGgUGw7Ha3Xe3GDuYsVm-I-Vwmq9Z2uNTZn4XAWiDo
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 704C 0
12 B 50ms
50ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQI0KNEOcMFXPZuVpe6WB8DSb-TSqMCXRQp7jCAda_K1FtpO_gNDGdmWqjZVvkIJAUkuyOyQ

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK mraid.js Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame C3FE 0
390 B 39ms
39ms Script
text/javascript 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAAN_hZ3lDB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAAN_hZ3lDB
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 11 Jan 2024 13:07:14 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1b5be864b-0-60eab39e88480"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 204
No Content prebid.gif
as.ck-ie.com/ Frame B2D2 0
114 B 514ms
272ms Image
text/plain 8.2.110.113
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.2.110.113 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 29 Jan 2024 17:30:31 GMT
Content-Type: text/plain

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CEA6 43 B
215 B 117ms
117ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=14eabd31-13cc-6cae-4b79-a87652180509&tv=%7Bc:2IeigL,pingTime:-10,time:1241,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706549430582%7C%7C62029db07133f20717cc7d5233dd0566%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C1022cf7f9b4df5875ca830c23a147d15%7C%7Cb4920c32ee20ab47d836edb0ab1609cb%7C%7C9dd49db76ffd3bf361746e67d3a47292%7C%7C31bf34272c517bcff808627229e4b6e6%7C%7C1352487e3dd1e1f50bcbfcd4f81e3758%7C%7C1663701684,im:%7Bpci:%7Btdr:1122%7D%7D,sca:%7Bspg:6c71c6ca-22c3-7789-a301-ec12c395d789%7D%7D
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK mraid.js Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame 3A11 0
390 B 59ms
39ms Script
text/javascript 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAAL4zSeCsT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAAL4zSeCsT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 11 Jan 2024 13:07:14 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1b5be864b-0-60eab39e88480"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame F235 35 B
465 B 217ms
43ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM4dDJIuCPCOQ-yjGHVOyD0&google_cver=1&google_push=AXcoOmSJynUHspAjLiXntc9oaH_uaGu4C2YBqUVB2X8qkNy-qaCVcJn4MQU3S-SKOY6BdTh-HpRSTi_OzcgsFz9Hnug2WZotVQc

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame F235
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFaQI2ZLhdqL2no0Erym_V8&google_cver=1&google_push=AXcoOmQyOT5EgAm4ksgDKpxaxy3MZe1IL0aW2xj32jUl3rY4bStIhciZx08LKsXCJfMb8YdCFhfC80h-i2ItbuLzaFzOyISO98I&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFaQI2ZLhdqL2no0Erym_V8&google_cver=1&google_push=AXcoOmQyOT5EgAm4ksgDKpxaxy3MZe1IL0aW2xj32jUl3rY4bStIhciZx08LKsXCJfMb8YdCFhfC80h-i2ItbuLzaFzOyISO98I...

43 B
419 B

219ms
211ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFaQI2ZLhdqL2no0Erym_V8&google_cver=1&google_push=AXcoOmQyOT5EgAm4ksgDKpxaxy3MZe1IL0aW2xj32jUl3rY4bStIhciZx08LKsXCJfMb8YdCFhfC80h-i2ItbuLzaFzOyISO98I&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQyOT5EgAm4ksgDKpxaxy3MZe1IL0aW2xj32jUl3rY4bStIhciZx08LKsXCJfMb8YdCFhfC80h-i2ItbuLzaFzOyISO98I%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 84d3341c38344d7a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 494
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFaQI2ZLhdqL2no0Erym_V8&google_cver=1&google_push=AXcoOmQyOT5EgAm4ksgDKpxaxy3MZe1IL0aW2xj32jUl3rY4bStIhciZx08LKsXCJfMb8YdCFhfC80h-i2ItbuLzaFzOyISO98I&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQyOT5EgAm4ksgDKpxaxy3MZe1IL0aW2xj32jUl3rY4bStIhciZx08LKsXCJfMb8YdCFhfC80h-i2ItbuLzaFzOyISO98I%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 84d3341adecd4d7a-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F235
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFdY4Idy-M6mkx4MRH6abrw&google_cver=1&google_push=AXcoOmTzD0McDetZGRoIiuhYcoz_hYQQUj0ir1zT3KEY7mdiJqsZ3AjFhGGXHt9wIOl0dtD97d8ppljz...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFdY4Idy-M6mkx4MRH6abrw&google_cver=1&google_push=AXcoOmTzD0McDetZGRoIiuhYcoz_hYQQUj0ir1zT3KEY7mdiJqsZ3AjFhGGXHt9wIOl0dtD97d8...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTYzMzc0OTkwMTkxNTY0MDc1Mw&google_push=AXcoOmTzD0McDetZGRoIiuhYcoz_hYQQUj0ir1zT3KEY7mdiJqsZ3AjFhGGXHt9wIOl0dtD97d8ppl...

170 B
188 B

51ms
50ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTYzMzc0OTkwMTkxNTY0MDc1Mw&google_push=AXcoOmTzD0McDetZGRoIiuhYcoz_hYQQUj0ir1zT3KEY7mdiJqsZ3AjFhGGXHt9wIOl0dtD97d8ppljzPdLeW9-Z1Z09Ki5py9I

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTYzMzc0OTkwMTkxNTY0MDc1Mw&google_push=AXcoOmTzD0McDetZGRoIiuhYcoz_hYQQUj0ir1zT3KEY7mdiJqsZ3AjFhGGXHt9wIOl0dtD97d8ppljzPdLeW9-Z1Z09Ki5py9I
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F235
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEYmOx8TVHU4UuqzhOyU4Sw&google_cver=1&google_push=AXcoOmQ10NIlQYTUbMEDIX9hP-Xz1gRDjuzQzpSIfMzfVeHHA7a5ulFbMMHq6QHkZOCWXl0ob9L6g2GCSfoGvh1...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=S94_zfCQUQJN8qREmDqwTFD_B2c&google_push=AXcoOmQ10NIlQYTUbMEDIX9hP-Xz1gRDjuzQzpSIfMzfVeHHA7a5ulFbMMHq6QHkZOCWXl0ob9L6g2GCSfoGvh...

170 B
188 B

49ms
49ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=S94_zfCQUQJN8qREmDqwTFD_B2c&google_push=AXcoOmQ10NIlQYTUbMEDIX9hP-Xz1gRDjuzQzpSIfMzfVeHHA7a5ulFbMMHq6QHkZOCWXl0ob9L6g2GCSfoGvh1f-T3C56he0_4

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=S94_zfCQUQJN8qREmDqwTFD_B2c&google_push=AXcoOmQ10NIlQYTUbMEDIX9hP-Xz1gRDjuzQzpSIfMzfVeHHA7a5ulFbMMHq6QHkZOCWXl0ob9L6g2GCSfoGvh1f-T3C56he0_4
Date: Mon, 29 Jan 2024 17:30:31 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F235
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEPEaxheVv5Nx7oR_CXnGoF4&google_cver=1&google_push=AXcoOmRVoAw2cnHnI3j-UsklS5qxSMjNbnKmra5Hs0XsFyIYsGSmgJJbKkoxMfvXuUI8Lp5eXgHFa-EaQho2vgeWpOMNAlXBJ6I
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRVoAw2cnHnI3j-UsklS5qxSMjNbnKmra5Hs0XsFyIYsGSmgJJbKkoxMfvXuUI8Lp5eXgHFa-EaQho2vgeWpOMNAlXBJ6I&google_hm=VkVVWVBycldXT3JSMXFfc...

170 B
188 B

51ms
51ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRVoAw2cnHnI3j-UsklS5qxSMjNbnKmra5Hs0XsFyIYsGSmgJJbKkoxMfvXuUI8Lp5eXgHFa-EaQho2vgeWpOMNAlXBJ6I&google_hm=VkVVWVBycldXT3JSMXFfcHFzejc=

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRVoAw2cnHnI3j-UsklS5qxSMjNbnKmra5Hs0XsFyIYsGSmgJJbKkoxMfvXuUI8Lp5eXgHFa-EaQho2vgeWpOMNAlXBJ6I&google_hm=VkVVWVBycldXT3JSMXFfcHFzejc=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2 302 ggl
ads.avads.net/sync/ Frame F235 0
80 B 224ms
51ms Image
text/plain 35.205.207.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.avads.net/sync/ggl?google_gid=CAESEChPEOlueasE7_AVxhyGgI0&google_cver=1&google_push=AXcoOmQeAt58w1ivduXtPXE-WXWHtSRXx6_TVI34DJYD55OawKU5OU9bFSqVoveyA5OKuSrzdkxoewYml07hg7-C--sbIbP8EFg
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.205.207.25 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 25.207.205.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

location
date: Mon, 29 Jan 2024 17:30:31 GMT
x-envoy-upstream-service-time: 3
server: istio-envoy
content-length: 0

GET
H/1.1 200
OK https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame F235 43 B
235 B 48ms
42ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEOi_u4RGPzcJs2k71WKGdfs&google_cver=1&google_push=AXcoOmT2ZXjtwx6yyuF-jZFydrO-lmrQhg8cJfRpVcsNQ5b3OStIUhOn2EzSThstQeLDX9VqUzJDKm9N8hx-0JGpfhDl-P8gVoNv
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F235 0
12 B 47ms
47ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JketExpvo7y4hAoDzef9YhP7p5AoKtWICT_Ci8N9dnFa_OCQOg2k6mufnWC_14-iqh12xDuZM

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 441C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmJmZ3RnQUFBLUxNc1dtdw==&google_gid=CAESEEGg3zoqclrDVW4-tXLuBvw&google_cver=1&google_push=AXcoOmTgF3knqCvY6DZzLT3yAdPEAnMeI5...

170 B
188 B

56ms
56ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmJmZ3RnQUFBLUxNc1dtdw==&google_gid=CAESEEGg3zoqclrDVW4-tXLuBvw&google_cver=1&google_push=AXcoOmTgF3knqCvY6DZzLT3yAdPEAnMeI5e2D4Ya2lJMbE_2T4aLskKwJz_aO8ns7VUOPSRguicpbdzBr_u_mUkdrAxTb7_Z3vpu

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-etou8220093-FRA
pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1706549431.493544,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmJmZ3RnQUFBLUxNc1dtdw==&google_gid=CAESEEGg3zoqclrDVW4-tXLuBvw&google_cver=1&google_push=AXcoOmTgF3knqCvY6DZzLT3yAdPEAnMeI5e2D4Ya2lJMbE_2T4aLskKwJz_aO8ns7VUOPSRguicpbdzBr_u_mUkdrAxTb7_Z3vpu
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 441C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHWi9YT3UjGBNbOSCaEhpmA&google_cver=1&google_push=AXcoOmR7GsEDzGDU5BmlU1fh2T61RU2JmLY1JWvZzrvB447ir_YOd3B8KQq8MiyEVbZeuFHIp4kr-anyFG1GuC...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyOTU3Mzk5NTE2NzQ3OTk2Mw%3D%3D&google_push=AXcoOmR7GsEDzGDU5BmlU1fh2T61RU2JmLY1JWvZzrvB447ir_YOd3B8KQq8MiyEVbZeuFHIp4kr-anyFG1GuC-a9d...

170 B
188 B

50ms
50ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyOTU3Mzk5NTE2NzQ3OTk2Mw%3D%3D&google_push=AXcoOmR7GsEDzGDU5BmlU1fh2T61RU2JmLY1JWvZzrvB447ir_YOd3B8KQq8MiyEVbZeuFHIp4kr-anyFG1GuC-a9dGNQppELseQ

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMyOTU3Mzk5NTE2NzQ3OTk2Mw%3D%3D&google_push=AXcoOmR7GsEDzGDU5BmlU1fh2T61RU2JmLY1JWvZzrvB447ir_YOd3B8KQq8MiyEVbZeuFHIp4kr-anyFG1GuC-a9dGNQppELseQ
Date: Mon, 29 Jan 2024 17:30:31 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 441C 0
163 B 48ms
47ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFZOkqFeg-gHluP8Q2uyGW8&google_cver=1&google_push=AXcoOmS51OwzQfKDQPX-M0Dkfco8nDOmksJ5woXvQdnVb8udkujoPbSQv6tYZO6i56SmvlQm1eFerSs1ajaB0we9BgAZXYfWRPa_
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 29 Jan 2024 17:30:31 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 441C
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub6871767557696&google_push=AXcoOmSKMnr7EKjm7nMkqZW-yiwqKs1N6gf9Tdd9RUuvdUIT2fCJCPov0QCGd7W4bAvpjW0x3NGld5cDKb1DzPX1ax1HFV43Frk6&google_gid=CAESEH91oA-Tb2_Ib...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH91oA-Tb2_Ib8JH8Sup9TI&google_hm=T1BVOGU1MDlmZmIzNGExNDFlMzhmMDA5MDI5ZjFlOGE5OGY&google_nid=opera_norway_as&google_push=AXcoOmSKMnr7...

170 B
188 B

50ms
50ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH91oA-Tb2_Ib8JH8Sup9TI&google_hm=T1BVOGU1MDlmZmIzNGExNDFlMzhmMDA5MDI5ZjFlOGE5OGY&google_nid=opera_norway_as&google_push=AXcoOmSKMnr7EKjm7nMkqZW-yiwqKs1N6gf9Tdd9RUuvdUIT2fCJCPov0QCGd7W4bAvpjW0x3NGld5cDKb1DzPX1ax1HFV43Frk6

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: Tengine
access-control-allow-methods: POST, GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH91oA-Tb2_Ib8JH8Sup9TI&google_hm=T1BVOGU1MDlmZmIzNGExNDFlMzhmMDA5MDI5ZjFlOGE5OGY&google_nid=opera_norway_as&google_push=AXcoOmSKMnr7EKjm7nMkqZW-yiwqKs1N6gf9Tdd9RUuvdUIT2fCJCPov0QCGd7W4bAvpjW0x3NGld5cDKb1DzPX1ax1HFV43Frk6
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 324
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 441C
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEMy2DN2cOG8K8ClYonY6xt4?ext-param=AXcoOmTzWCH4DFDYUJSn7hRIE4mF4upB8nwEmhVZGub832rM4YqTrV2abcJPsxH6oZyR-i_TeWCTc1fS0vqNPG5uZV0CyuC7p-rwOQ&partner-tag=yandex_ag...
https://an.yandex.ru/mapuid/google/CAESEMy2DN2cOG8K8ClYonY6xt4?redir-setuniq=1&ext-param=AXcoOmTzWCH4DFDYUJSn7hRIE4mF4upB8nwEmhVZGub832rM4YqTrV2abcJPsxH6oZyR-i_TeWCTc1fS0vqNPG5uZV0CyuC7p-rwOQ&partn...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEMy2DN2cOG8K8ClYonY6xt4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

95ms
95ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 13 Jan 2025 17:30:31 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

408

google
sync.gonet-ads.com/match/ Frame 441C
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEAubYouhZRCoMmPXgb7V4Go&google_cver=1&google_push=AXcoOmQwW5IemRkVFsWFdhMwmsgmIxDr_t9BneiZwAj_sQKBpFm8Ks7VEX9cK7fp7D7KnR_h2FydyV0iqkV14WnoOkNY...
https://sync.gonet-ads.com/match/google?google_gid=CAESEAubYouhZRCoMmPXgb7V4Go&google_cver=1&google_push=AXcoOmQwW5IemRkVFsWFdhMwmsgmIxDr_t9BneiZwAj_sQKBpFm8Ks7VEX9cK7fp7D7KnR_h2FydyV0iqkV14WnoOkNY...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=MmI1YjdmYWMxOTYzMjFhMg&google_push=AXcoOmQwW5IemRkVFsWFdhMwmsgmIxDr_t9BneiZwAj_sQKBpFm8Ks7VEX9cK7fp7D7KnR_h2FydyV0iqkV14WnoOkNYeXx...
https://sync.gonet-ads.com/match/google

15 B
15 B

251ms
251ms

Image
text/plain

188.42.105.220
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.gonet-ads.com/match/google

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

188.42.105.220 , Luxembourg, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

70f60044d161bbdd9a7cbea74e2d3100726004b2d4ce04b0c84a0214bf13ce0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 15
content-type: text/plain; charset=utf-8

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.gonet-ads.com/match/google
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 236
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 441C
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=394b6b2a-44a1-48f2-9c45-590959337794&google_cver=1&google_gid=CAESEKxHoh2i4KsuTTwdEq064nk&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

49ms
49ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=394b6b2a-44a1-48f2-9c45-590959337794&google_cver=1&google_gid=CAESEKxHoh2i4KsuTTwdEq064nk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQHvrslZbbRImnmXbrbxLKcjJcF83ndR2UVutc8njO8GQMgNXn__4b8hCPw4GapqmecnXzBelZ58DntXqVgg3NLx2W3-_Yj&gdpr=${GDPR}

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=394b6b2a-44a1-48f2-9c45-590959337794&google_cver=1&google_gid=CAESEKxHoh2i4KsuTTwdEq064nk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmQHvrslZbbRImnmXbrbxLKcjJcF83ndR2UVutc8njO8GQMgNXn__4b8hCPw4GapqmecnXzBelZ58DntXqVgg3NLx2W3-_Yj&gdpr=${GDPR}
date: Mon, 29 Jan 2024 17:30:31 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 441C 0
12 B 47ms
47ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdF8UQNaovqjadgw_QP_ZH95BDrU8BzDqzOyvnIVE2ktZ__S62D9-4OIomlNNUU7i3VNWZAU0g3A

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3169
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKs3MpjcVgEsEMvAFjpdULs&google_cver=1&google_push=AXcoOmSkScd1RPAInjuTl0NHgSs_EFMOHik19cufNfM71zn91I--VxLF6d13CYJ04dhSCNwT1EfFvSBV5L6sMqW26KF7eVe--iEiFA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2757F66D64BD404E95FBDCC9EE15289C&google_push=AXcoOmSkScd1RPAInjuTl0NHgSs_EFMOHik19cufNfM71zn91I--VxLF6d13CYJ04dhSCNwT1EfFvSBV5L6sMqW...

170 B
188 B

57ms
57ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2757F66D64BD404E95FBDCC9EE15289C&google_push=AXcoOmSkScd1RPAInjuTl0NHgSs_EFMOHik19cufNfM71zn91I--VxLF6d13CYJ04dhSCNwT1EfFvSBV5L6sMqW26KF7eVe--iEiFA

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 29 Jan 2024 17:30:31 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2757F66D64BD404E95FBDCC9EE15289C&google_push=AXcoOmSkScd1RPAInjuTl0NHgSs_EFMOHik19cufNfM71zn91I--VxLF6d13CYJ04dhSCNwT1EfFvSBV5L6sMqW26KF7eVe--iEiFA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sun, 28 Jan 2024 17:30:31 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 3169 43 B
58 B 49ms
48ms Image
image/gif 35.227.252.103
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEXCW3m4SK8WeEQ7VGTKt30&google_cver=1&google_push=AXcoOmTiFJpa8u6-Sx_3y5C54tvQWRUfznbdo89uCcPYtfXzkNk0PrOZ6kFzTGcf28Cd81RH39sdJJXoQ8TEu7dN03Hnl_fBSENkFg
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3169
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAgYAobHE47Qp8xxjcBDK40&google_cver=1&google_push=AXcoOmS9yh3tnyAooLwEqOKMePecji2fDmdGeD3W1i8bJnbLCIZ1NfwdXYAjmZbe1jUrfKRo0mI0JYVD6awT-Eaea...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAgYAobHE47Qp8xxjcBDK40&google_cver=1&google_push=AXcoOmS9yh3tnyAooLwEqOKMePecji2fDmdGeD3W1i8bJnbLCIZ1NfwdXYAjmZbe1jUrfKRo0mI0JYVD6awT-Eaea...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS9yh3tnyAooLwEqOKMePecji2fDmdGeD3W1i8bJnbLCIZ1NfwdXYAjmZbe1jUrfKRo0mI0JYVD6awT-Eaea5sDCaArBcl35w&google_hm=IEs6AGZHJR9zH3tRS1-N...

170 B
188 B

53ms
53ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS9yh3tnyAooLwEqOKMePecji2fDmdGeD3W1i8bJnbLCIZ1NfwdXYAjmZbe1jUrfKRo0mI0JYVD6awT-Eaea5sDCaArBcl35w&google_hm=IEs6AGZHJR9zH3tRS1-N-Glb

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmS9yh3tnyAooLwEqOKMePecji2fDmdGeD3W1i8bJnbLCIZ1NfwdXYAjmZbe1jUrfKRo0mI0JYVD6awT-Eaea5sDCaArBcl35w&google_hm=IEs6AGZHJR9zH3tRS1-N-Glb
access-control-allow-origin: *
date: Mon, 29 Jan 2024 17:30:31 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2 204 -
s.ad.smaato.net/c/n/// Frame 3169 0
238 B 239ms
75ms Image
text/plain 2600:9000:2362:ba00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELqitL8rhIj7J7eRMAniP1k&google_cver=1&google_push=AXcoOmRyZwqwVHxAV4vUwptuaHuI7Lv7919G0vuoK3cW5NB6Zm-6zj9C2KNefujjtt9tWPeKL7pMX1ZRw5d5IsB34BNYICWVNaFBnw
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2362:ba00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
cache-control: no-cache, must-revalidate
via: 1.1 ed393405ff603a61a1e63909cf1c1a44.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: gXv6q2SUipBptoAYTmGLAyVWDUDyMmkmZl8wG_TWI7nyuSgwAZgbDA==
x-cache: Miss from cloudfront

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3169
Redirect Chain

https://ads.yieldmo.com/exptsync?google_gid=CAESEPEaxheVv5Nx7oR_CXnGoF4&google_cver=1&google_push=AXcoOmRkLoqNBMxa6cIK6SrgHMwOZd2tWbPh7Q5Bt5QssvBxhpuafJUF7uUEkjcCXER3eLW-7QLF4jP81j-7HalUnQ3130K50TErNQ
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRkLoqNBMxa6cIK6SrgHMwOZd2tWbPh7Q5Bt5QssvBxhpuafJUF7uUEkjcCXER3eLW-7QLF4jP81j-7HalUnQ3130K50TErNQ&google_hm=VkVVWVBycldXT3I1Sn...

170 B
188 B

50ms
49ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRkLoqNBMxa6cIK6SrgHMwOZd2tWbPh7Q5Bt5QssvBxhpuafJUF7uUEkjcCXER3eLW-7QLF4jP81j-7HalUnQ3130K50TErNQ&google_hm=VkVVWVBycldXT3I1SnB3VE81dzU=

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRkLoqNBMxa6cIK6SrgHMwOZd2tWbPh7Q5Bt5QssvBxhpuafJUF7uUEkjcCXER3eLW-7QLF4jP81j-7HalUnQ3130K50TErNQ&google_hm=VkVVWVBycldXT3I1SnB3VE81dzU=
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 0

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 3169 0
44 B 792ms
261ms Image
text/plain 52.198.184.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEKinwex9ueonZ09O8VhaZqo&google_cver=1&google_push=AXcoOmShnVSVZ99NP9WGWNABU0jf2cYk-IKW2OXByWmTBomMCo1O7z2cK-dimR1kRGUnBVQh0xcFe0AZ7f475ll0qOSrMqNv0InU9Q
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.184.52 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-184-52.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
server: awselb/2.0

GET
H2

200

/
onetag-sys.com/match/ Frame 3169
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEADY3j6odncTPNJs-_SLgAw&google_cver=1&google_push=AXcoOmS62_DRCe0NgLUtpc0gZYzTCe1K0_PkVdC95I6ErlNOLhCJRr_PM0D2wsKLmACi37-20JA0W9bLZqv...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS62_DRCe0NgLUtpc0gZYzTCe1K0_PkVdC95I6ErlNOLhCJRr_PM0D2wsKLmACi37-20JA0W9bLZqvDYtpsuxuyNGGjku7dahk
https://onetag-sys.com/match/?int_id=19&google_error=5

0
200 B

41ms
39ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3169 0
12 B 51ms
50ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlvCdHEwgRzrVop7TV0LaWlGwCUW1J1kP5kYevVWHI9lsgiNDI2I1k10orKlHylXAOxtjwqw

Requested by

Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D81B 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=6407d2df-5356-9d3d-318c-b2021426d899&tv=%7Bc:2Ieihm,pingTime:-10,time:1133,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1706549430582%7C%7C62029db07133f20717cc7d5233dd0566%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C1022cf7f9b4df5875ca830c23a147d15%7C%7Cb4920c32ee20ab47d836edb0ab1609cb%7C%7C9dd49db76ffd3bf361746e67d3a47292%7C%7C31bf34272c517bcff808627229e4b6e6%7C%7C1352487e3dd1e1f50bcbfcd4f81e3758%7C%7C1663701684,im:%7Bpci:%7Btdr:1056%7D%7D,sca:%7Bspg:6c71c6ca-22c3-7789-a301-ec12c395d789%7D%7D
Requested by: Host: 7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
URL: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 614E 0
0 76ms
75ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsswQzanAk0BVhNElsRUdJSWPSHtFZTABh9TZzW8VNfGBaIwdo3dRYUZkjmkiustyEMSwu0-2lKnFQv6RgBX6q4nfzfdsgVpbaNCw9kZdkJEHUXd2u3uHPe-oORaQzDXrcHO4-UaYXiz49sB1X-0ef2V_iuFZZcndRGDBuuUCkxXss1uh4YpjBBn&sai=AMfl-YRLcIJxhhAr5Brr_0JI5x_HXjglOJPQglIx-utgeUtQWlR4UJCjKuVHYa_l_U6acfS1lll6xJwF30V9_bIpdh_BBYOUTKVFQR--EjozR5xzzwrHXTLkc79clT4H6A&sig=Cg0ArKJSzMiLAmvC6OeXEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=869&vt=11&dtpt=868&dett=4&cstd=0&cisv=r20240122.63394&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
241 B 202ms
45ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: X-Requested-With

GET
H/1.1 200
OK 728x90.html Show response
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/ Frame 080B 14 KB
4 KB 40ms
39ms Document
text/html 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAADygeplFZ
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 91ea9d151e7ab252501a473e052b27bf88d2096dc8cff8a0e298cffd710c31f4

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAADygeplFZ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3926
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 17:30:31 GMT
ETag: "1a9258bdd-395d-60561f72aae40"
Expires: Mon, 29 Jan 2024 18:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H/1.1 200
OK 160x600.html Show response
dco-assets.everestads.net/ics-campaign//5031/t/8821/8/ Frame D7CC 8 KB
3 KB 42ms
42ms Document
text/html 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/160x600.html
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAAN_hZ3lDB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 661ebe99760ef6650ce94345ea99d24a985aada72f44055b7c5e9ae306d1895d

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAAN_hZ3lDB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2487
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 17:30:31 GMT
ETag: "1a9845370-218c-6056176f50680"
Expires: Mon, 29 Jan 2024 18:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:20:26 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H/1.1 200
OK 728x90.html Show response
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/ Frame 85BC 14 KB
4 KB 39ms
39ms Document
text/html 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAAL4zSeCsT
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 91ea9d151e7ab252501a473e052b27bf88d2096dc8cff8a0e298cffd710c31f4

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAAL4zSeCsT
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3926
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 17:30:31 GMT
ETag: "1a9258bdd-395d-60561f72aae40"
Expires: Mon, 29 Jan 2024 18:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H/1.1 200
OK mraid.js Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame D6C2 0
390 B 43ms
42ms Script
text/javascript 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAANlvOekSq
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAANlvOekSq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 11 Jan 2024 13:07:14 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1b5be864b-0-60eab39e88480"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK style.min.css
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/css/ Frame 080B 4 KB
5 KB 43ms
40ms Stylesheet
text/css 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/css/style.min.css
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2bd128170f24b963f67f17e2a1312ae8371c44c3ecad64cedde585555f4d55ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a90bd26e-11d1-60561f72aae40"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4561
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H2 200 AMOLibrary.js Show response
ads.everesttech.net/ads/static/local/ Frame 080B 5 KB
6 KB 122ms
119ms Script
application/javascript 54.161.150.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/static/local/AMOLibrary.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.150.198 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-150-198.compute-1.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: cache
date: Mon, 29 Jan 2024 17:30:31 GMT
last-modified: Wed, 22 Dec 2021 09:29:42 GMT
server: AMO-jAds/1.1
etag: W/"5582-1640165382000"
content-type: application/javascript
cache-control: cache,store,max-age=86400
accept-ranges: bytes
content-length: 5582

GET
H2 200 gsap.min.js Show response
cdn.jsdelivr.net/npm/gsap@3.0.1/dist/ Frame 080B 54 KB
22 KB 55ms
52ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/gsap@3.0.1/dist/gsap.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5144710
x-jsd-version: 3.0.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220098-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"d8fc-fe8VvabeDqL+WzK+waTDAMtuAsE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WekXZ9QNyPVmpwohYDHd9wGdM7y7W232CBdlBhw0cLnsdYKbLS4AKz%2BzAhCkfHwj5ebLHGIzC9alEMgGTWo7qO9tdndJp4oVA%2FjS%2FwSeyil8lB48hMzc%2FH29x6VoKkjQADpx91W0RJ6CmlRt4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84d3341b0e493a91-FRA

GET
H/1.1 200
OK script.min.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/ Frame 080B 7 KB
8 KB 45ms
42ms Script
text/javascript 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/script.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6ed03c02eec456fe89e228d6cdf45bf7088aa9402beaab5a2a1214a1aa35ce3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a95254fe-1cef-60561f72aae40"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7407
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK style.min.css
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/css/ Frame 85BC 4 KB
5 KB 45ms
44ms Stylesheet
text/css 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/css/style.min.css
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2bd128170f24b963f67f17e2a1312ae8371c44c3ecad64cedde585555f4d55ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a90bd26e-11d1-60561f72aae40"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4561
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H2 200 AMOLibrary.js Show response
ads.everesttech.net/ads/static/local/ Frame 85BC 5 KB
6 KB 119ms
118ms Script
application/javascript 54.161.150.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/static/local/AMOLibrary.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.150.198 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-150-198.compute-1.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: cache
date: Mon, 29 Jan 2024 17:30:31 GMT
last-modified: Wed, 22 Dec 2021 09:29:42 GMT
server: AMO-jAds/1.1
etag: W/"5582-1640165382000"
content-type: application/javascript
cache-control: cache,store,max-age=86400
accept-ranges: bytes
content-length: 5582

GET
H2 200 gsap.min.js Show response
cdn.jsdelivr.net/npm/gsap@3.0.1/dist/ Frame 85BC 54 KB
22 KB 56ms
55ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/gsap@3.0.1/dist/gsap.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5144710
x-jsd-version: 3.0.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220098-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"d8fc-fe8VvabeDqL+WzK+waTDAMtuAsE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcIskzBd5%2F0VKvy%2BvXNyvFphb1kbraFIjwV7CXPQn19930y7bWq7VwuApt9%2FGad6yhpI4XZ2RvbNEjXT1l4npTkT8mNLsogvHxEXgWB3x4OOiJrhpX7V2RYD3L4r3YVAt1pbbZ4VYZJqwNYjvRE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84d3341b0e4a3a91-FRA

GET
H/1.1 200
OK script.min.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/ Frame 85BC 7 KB
8 KB 44ms
43ms Script
text/javascript 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/script.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6ed03c02eec456fe89e228d6cdf45bf7088aa9402beaab5a2a1214a1aa35ce3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a95254fe-1cef-60561f72aae40"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7407
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK style.min.css
dco-assets.everestads.net/ics-campaign//5031/t/8821/8/css/ Frame D7CC 4 KB
5 KB 41ms
41ms Stylesheet
text/css 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/css/style.min.css
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/160x600.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2bd128170f24b963f67f17e2a1312ae8371c44c3ecad64cedde585555f4d55ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/160x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:20:26 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a921bdf8-11d1-6056176f50680"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4561
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H2 200 AMOLibrary.js Show response
ads.everesttech.net/ads/static/local/ Frame D7CC 5 KB
6 KB 118ms
117ms Script
application/javascript 54.161.150.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/static/local/AMOLibrary.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/160x600.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.150.198 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-150-198.compute-1.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: cache
date: Mon, 29 Jan 2024 17:30:31 GMT
last-modified: Wed, 22 Dec 2021 09:29:42 GMT
server: AMO-jAds/1.1
etag: W/"5582-1640165382000"
content-type: application/javascript
cache-control: cache,store,max-age=86400
accept-ranges: bytes
content-length: 5582

GET
H/1.1 200
OK script.min.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/8821/8/js/ Frame D7CC 7 KB
8 KB 86ms
43ms Script
text/javascript 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/js/script.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/160x600.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6ed03c02eec456fe89e228d6cdf45bf7088aa9402beaab5a2a1214a1aa35ce3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/160x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:20:26 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a921bdfa-1cef-6056176f50680"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7407
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6774 0
0 76ms
76ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsutQxq1wcMWNkkRZ6-YEXMyw8rtWLZUV6o_WD1SEzy8EClNKnEnJ4yKggbHM1_zfg_9kWnbvN-agZGX9T0T94sH2HU3NlsITfeE_GPCPYkrsdEiuJnfgndSlrV-oFPWcCAMVqklkSH3dFix01iEjTXWwPwQk3vcrCYz9HkCTO0VX_zaxPfO3qVm&sai=AMfl-YTwOXo2N77HoJWZJhQ9ek9b8BD_12LpxHMnwDDrtkZ3g2l4nqxNmsHG2HjGmm5Ilnr4toQu8VucifoNp4Lp_7CT06UanwrnkXI1_TdqkEbAQSI1tZ3tI035Riipfg&sig=Cg0ArKJSzJklm7BAkgMvEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=978&vt=11&dtpt=978&dett=4&cstd=0&cisv=r20240122.05918&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
240 B 48ms
48ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: X-Requested-With

GET
H/1.1 200
OK 728x90.html Show response
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/ Frame 00DA 14 KB
4 KB 63ms
43ms Document
text/html 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAANlvOekSq
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 91ea9d151e7ab252501a473e052b27bf88d2096dc8cff8a0e298cffd710c31f4

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZbfgtgAANlvOekSq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3926
Content-Type: text/html; charset=UTF-8
Date: Mon, 29 Jan 2024 17:30:31 GMT
ETag: "1a9258bdd-395d-60561f72aae40"
Expires: Mon, 29 Jan 2024 18:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 614E 43 B
215 B 117ms
116ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=6c71c6ca-22c3-7789-a301-ec12c395d789&tv=%7Bc:2Ieil7,time:1567,type:e,im:%7Bpci:%7Btdr:1504%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1567,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1562~0%5D,as:%5B1562~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:135,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C17.1525518-72172419%7C171%7C18.1525518-72172419%7C181%7C19.1525518-72172419%7C191%7C1a*.1525518-72172425%7C1a1%7C1b11%7C1b12%7C1c%7C1d,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:15,sis:471%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK style.min.css
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/css/ Frame 00DA 4 KB
5 KB 54ms
53ms Stylesheet
text/css 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/css/style.min.css
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2bd128170f24b963f67f17e2a1312ae8371c44c3ecad64cedde585555f4d55ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a90bd26e-11d1-60561f72aae40"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4561
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H2 200 AMOLibrary.js Show response
ads.everesttech.net/ads/static/local/ Frame 00DA 5 KB
6 KB 118ms
117ms Script
application/javascript 54.161.150.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/static/local/AMOLibrary.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.150.198 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-150-198.compute-1.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: cache
date: Mon, 29 Jan 2024 17:30:31 GMT
last-modified: Wed, 22 Dec 2021 09:29:42 GMT
server: AMO-jAds/1.1
etag: W/"5582-1640165382000"
content-type: application/javascript
cache-control: cache,store,max-age=86400
accept-ranges: bytes
content-length: 5582

GET
H3 200 gsap.min.js Show response
cdn.jsdelivr.net/npm/gsap@3.0.1/dist/ Frame 00DA 54 KB
23 KB 55ms
55ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/gsap@3.0.1/dist/gsap.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7746880
x-jsd-version: 3.0.1
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"d8fc-fe8VvabeDqL+WzK+waTDAMtuAsE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nCwPFGzq9KAjxH1uycHXCjR0Itp3bGeE25Bo6YdmeZ31sPOJ%2FeeVRd58H%2F3jyIAh%2F%2BHAUbCW%2B%2FpZXM63wzfcoC6fGTHNeyczHIB7CjKqEmAvlgKRg%2FimTGEySYCCOCFirsvYBmVlTTPsJkxZ5oA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84d3341b985618f1-FRA

GET
H/1.1 200
OK script.min.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/ Frame 00DA 7 KB
8 KB 40ms
39ms Script
text/javascript 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/script.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6ed03c02eec456fe89e228d6cdf45bf7088aa9402beaab5a2a1214a1aa35ce3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a95254fe-1cef-60561f72aae40"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7407
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK SegoePro-Semibold.woff
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/fonts/ Frame 85BC 29 KB
30 KB 49ms
49ms Font
application/octet-stream 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/fonts/SegoePro-Semibold.woff
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dba5db65eacdd32e82b077fce0282798e8a702ecbead9b1a1afc305c2fdba33c

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Origin: https://dco-assets.everestads.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a9258bdf-74a0-60561f72aae40"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29856
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK SegoePro-Semibold.woff
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/fonts/ Frame 080B 29 KB
30 KB 49ms
49ms Font
application/octet-stream 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/fonts/SegoePro-Semibold.woff
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dba5db65eacdd32e82b077fce0282798e8a702ecbead9b1a1afc305c2fdba33c

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Origin: https://dco-assets.everestads.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a9258bdf-74a0-60561f72aae40"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29856
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK SegoePro-Semibold.woff
dco-assets.everestads.net/ics-campaign//5031/t/8821/8/ Frame D7CC 29 KB
30 KB 50ms
49ms Font
application/octet-stream 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/SegoePro-Semibold.woff
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/160x600.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dba5db65eacdd32e82b077fce0282798e8a702ecbead9b1a1afc305c2fdba33c

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/160x600.html
Origin: https://dco-assets.everestads.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:20:26 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a9f00763-74a0-6056176f50680"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29856
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6774 43 B
215 B 118ms
117ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=b7e846e2-d4ab-a3ec-b803-79dc6ca0f9cc&tv=%7Bc:2Ieinm,time:1581,type:e,im:%7Bpci:%7Btdr:1521%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1581,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1575~0%5D,as:%5B1575~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:119,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C17.1525518-72172419%7C171%7C18.1525518-72172419%7C181%7C182%7C19*.1525518-72172419%7C191%7C1a.1525518-72172425%7C1a1%7C1a2%7C1b11%7C1b12%7C1c%7C1d,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:16,sis:450%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D81B 0
0 74ms
73ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss14_h4IKrU67hibsSa13OEyf6LiWAWNOFIM-VNTIAodhwplAlcxk2U6kvCMLKze1HebnrSDgX29QsXijfpAqfrJtuepet8lRXTJY-3abu6hdQkycHBOPdhGsjY4ERLfyic31_ZMMO3AJp8wsO5KfZht3GXjWxl6ZibmCIKviAKZREUNzGRpKu6&sai=AMfl-YSczXWUSt03MlisrPqzRrTqnB9ynY8mMCLZlBQI1yD8wiwD4sx5AzWBEYTVdyaFRpfl-BblChv_2Ja20exlF74MMCw5ITCSouFL6PGXzUfBNU4Ac-U8Kuy_d8Cd_w&sig=Cg0ArKJSzGcdUlbVA7LpEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1176&vt=11&dtpt=1175&dett=4&cstd=0&cisv=r20240122.03845&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 29 Jan 2024 17:30:31 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
240 B 42ms
42ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: X-Requested-With

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CEA6 0
0 75ms
75ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsulythv-zmQ5-xTIBwfKIG9UO_fqWqUici5hSiBdo8UA4QNFxed6jPac6LuHlC3h9tZACIDzKS8OPUT2XMPSbDRFaPsE-iqouAD0IchKXzNqBRxvHd5DmKabU5_mRhpYX9rJN4Iyrtj9ML9drJ1_nztEPATonv5WJWvFgeWEhRDEOnC0RdqCZmc&sai=AMfl-YQy5ZLApX_MdSy3ZDlNreSAVA3-6QrH_tnB_XeKOodPdp6KHrn5Z5RnofeCcYpT_6NYOT1gCZrzw6U9p45cuLFtBWp3jmgphQ2FYoYgF0xCYuuJvGcsyT7YDF3Q3Q&sig=Cg0ArKJSzHnr6jOBHBMCEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1315&vt=11&dtpt=1314&dett=4&cstd=0&cisv=r20240122.97295&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 node.php Show response
node.setupad.com/node/ 0
240 B 53ms
53ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/saas/6380
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: X-Requested-With

GET
H/1.1 200
OK e51232cf9fc8dd7b4756cbe34f3be9cc.png
dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/ Frame 85BC 110 B
497 B 39ms
39ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/e51232cf9fc8dd7b4756cbe34f3be9cc.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:07 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "106564822-6e-60fc6932e0622"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK ca260197fa4494eea8c3c499d7600a07.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 85BC 13 KB
13 KB 47ms
47ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ca260197fa4494eea8c3c499d7600a07.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 481abe6d0d56ad513eb525004cb606c2dcbf1cc1b4614d9ce5933c52fdb1d0d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:51 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "15297987e-340a-60fc695d08ef4"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13322
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK f71b18ba3153b509865445c7b4706219.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 85BC 2 KB
2 KB 40ms
40ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/f71b18ba3153b509865445c7b4706219.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 48058c7cae6c0edd1606307d30e0bfec5267501b07d1b1a664644c7e30121911

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:54 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "10573e103-758-60fc695f9a192"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1880
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK e51232cf9fc8dd7b4756cbe34f3be9cc.png
dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/ Frame 080B 110 B
497 B 53ms
52ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/e51232cf9fc8dd7b4756cbe34f3be9cc.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:07 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "106564822-6e-60fc6932e0622"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK f71b18ba3153b509865445c7b4706219.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 080B 2 KB
2 KB 39ms
39ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/f71b18ba3153b509865445c7b4706219.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 48058c7cae6c0edd1606307d30e0bfec5267501b07d1b1a664644c7e30121911

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:54 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "10573e103-758-60fc695f9a192"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1880
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK af4e20efc54113bd203d01325fb9aa15.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 080B 12 KB
13 KB 40ms
40ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/af4e20efc54113bd203d01325fb9aa15.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 36b8658a0c918ff7fb8c374d36c45da0990fa4f4cf260e0cdaccf243cd17c271

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:11:01 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "151decc3d-3118-60fc6966c016b"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12568
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK SegoePro-Semibold.woff
dco-assets.everestads.net/ics-campaign//5031/t/8980/13/fonts/ Frame 00DA 29 KB
30 KB 83ms
49ms Font
application/octet-stream 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/fonts/SegoePro-Semibold.woff
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: dba5db65eacdd32e82b077fce0282798e8a702ecbead9b1a1afc305c2fdba33c

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
Origin: https://dco-assets.everestads.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Fri, 15 Sep 2023 08:56:17 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a9258bdf-74a0-60561f72aae40"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29856
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK ca260197fa4494eea8c3c499d7600a07.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 85BC 13 KB
13 KB 47ms
46ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ca260197fa4494eea8c3c499d7600a07.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 481abe6d0d56ad513eb525004cb606c2dcbf1cc1b4614d9ce5933c52fdb1d0d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:51 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "15297987e-340a-60fc695d08ef4"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13322
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK f71b18ba3153b509865445c7b4706219.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 85BC 2 KB
2 KB 40ms
39ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/f71b18ba3153b509865445c7b4706219.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 48058c7cae6c0edd1606307d30e0bfec5267501b07d1b1a664644c7e30121911

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:54 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "10573e103-758-60fc695f9a192"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1880
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H2 204 imp
analyticspixel.microsoft.com/aid/ Frame 85BC 0
366 B 166ms
78ms Image
text/plain 204.79.197.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspixel.microsoft.com/aid/imp?dcoimpid=ZbfgtgAAL4zSeCsT&dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560448615$dcmrenderingid|168075220$dcmsiteid|6958819$dcmplacementid|369668928$customer|Microsoft$dv360auctionid|ct=DE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.204 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0005.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7DFC3BC4C5374AFEAE0AAA768E0F8D51 Ref B: FRA31EDGE0614 Ref C: 2024-01-29T17:30:31Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK af4e20efc54113bd203d01325fb9aa15.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 080B 12 KB
13 KB 46ms
46ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/af4e20efc54113bd203d01325fb9aa15.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 36b8658a0c918ff7fb8c374d36c45da0990fa4f4cf260e0cdaccf243cd17c271

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:11:01 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "151decc3d-3118-60fc6966c016b"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12568
Expires: Mon, 29 Jan 2024 18:30:31 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/f71b18ba3153b509865445c7b4706219.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 48058c7cae6c0edd1606307d30e0bfec5267501b07d1b1a664644c7e30121911

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:54 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "10573e103-758-60fc695f9a192"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1880
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H2 204 imp
analyticspixel.microsoft.com/aid/ Frame 080B 0
590 B 147ms
66ms Image
text/plain 204.79.197.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspixel.microsoft.com/aid/imp?dcoimpid=ZbfgtgAADygeplFZ&dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560448615$dcmrenderingid|168075220$dcmsiteid|6958819$dcmplacementid|369668928$customer|Microsoft$dv360auctionid|ct=DE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.204 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0005.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6E320351637C46D081BFC09758244944 Ref B: FRA31EDGE0614 Ref C: 2024-01-29T17:30:31Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
vid.vidoomy.com/ Frame C91C 49 KB
19 KB 230ms
39ms Document
text/html 2a02:6ea0:c700::19
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 29 Jan 2024 17:30:31 GMT
etag: W/"a9290c6b5f8c75ebc321b414a16a5c2a"
last-modified: Tue, 12 Dec 2023 09:09:26 GMT
server: CDN77-Turbo
vary: Accept-Encoding Accept-Encoding
x-77-age: 619557
x-77-cache: HIT
x-77-nzt: A8O1qhE3Nzf/JXQJANRmOBE3Nzf/AAAAAG09WgJkdZwA
x-77-nzt-ray: 4c15622476838848b7e0b7652b03313b
x-77-pop: frankfurtDE
x-accel-date: 1705929874
x-accel-expires: @1706966674
x-age-lb: 619557
x-amz-request-id: tx000002fc06539416a6366-0065894919-2bb0e51-prg
x-amz-storage-class: STANDARD
x-cache-lb: HIT
x-rgw-object-type: Normal

GET
H/1.1 200
OK e51232cf9fc8dd7b4756cbe34f3be9cc.png
dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/ Frame 00DA 110 B
497 B 45ms
44ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/e51232cf9fc8dd7b4756cbe34f3be9cc.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:07 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "106564822-6e-60fc6932e0622"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK ca260197fa4494eea8c3c499d7600a07.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 00DA 13 KB
13 KB 65ms
64ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ca260197fa4494eea8c3c499d7600a07.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 481abe6d0d56ad513eb525004cb606c2dcbf1cc1b4614d9ce5933c52fdb1d0d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:51 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "15297987e-340a-60fc695d08ef4"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13322
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK f71b18ba3153b509865445c7b4706219.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 00DA 2 KB
2 KB 46ms
45ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/f71b18ba3153b509865445c7b4706219.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 48058c7cae6c0edd1606307d30e0bfec5267501b07d1b1a664644c7e30121911

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:54 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "10573e103-758-60fc695f9a192"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1880
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK ca260197fa4494eea8c3c499d7600a07.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 00DA 13 KB
13 KB 47ms
46ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ca260197fa4494eea8c3c499d7600a07.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 481abe6d0d56ad513eb525004cb606c2dcbf1cc1b4614d9ce5933c52fdb1d0d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:51 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "15297987e-340a-60fc695d08ef4"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13322
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H/1.1 200
OK f71b18ba3153b509865445c7b4706219.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 00DA 2 KB
2 KB 39ms
39ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/f71b18ba3153b509865445c7b4706219.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 48058c7cae6c0edd1606307d30e0bfec5267501b07d1b1a664644c7e30121911

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8980/13/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:31 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:54 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "10573e103-758-60fc695f9a192"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1880
Expires: Mon, 29 Jan 2024 18:30:31 GMT

GET
H2 204 imp
analyticspixel.microsoft.com/aid/ Frame 00DA 0
366 B 89ms
89ms Image
text/plain 204.79.197.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspixel.microsoft.com/aid/imp?dcoimpid=ZbfgtgAANlvOekSq&dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560448615$dcmrenderingid|168075220$dcmsiteid|6958819$dcmplacementid|369668928$customer|Microsoft$dv360auctionid|ct=DE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.204 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0005.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0348B33EEF0F45A3AA6F5853B4815A5B Ref B: FRA31EDGE0614 Ref C: 2024-01-29T17:30:31Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame B2D2
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZbfgtSybyfxkNErkAKZKfwAA%265153

86 B
512 B

572ms
259ms

Image
image/png

209.192.201.180
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZbfgtSybyfxkNErkAKZKfwAA%265153
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:32 GMT
content-length: 86
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LZBH1NG1FQdgb5v4MSJg%2Fm5aQwWtuHfNluYMQ55UKq57gv2TeerZeKasF%2BNyxXz2RXaPrxSNkMkimgDPuYZf2wcd%2FFFVv0s6pMXw3YFS%2FVbRiG06fpyLmpGjMdM%2FMZR4f3Jsy9B"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZbfgtSybyfxkNErkAKZKfwAA%265153
cache-control: no-cache
cf-ray: 84d3341e8e70266d-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 urlsvid.json Show response
vpaid.vidoomy.com/sync/ Frame C91C 1 KB
1 KB 129ms
39ms XHR
application/json 2a02:6ea0:c700::17
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by: Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Mon, 29 Jan 2024 17:30:32 GMT
content-encoding: gzip
x-age-lb: 630202
x-amz-request-id: tx00000af051bbfb4afc491-006597defd-2bc55ff-prg
x-77-cache: HIT
x-amz-storage-class: STANDARD
x-accel-date: 1705919230
x-77-nzt: A5ySIYg3Nzf/up0JANRmOBE3NzexWbu8qQqqagA
x-accel-expires: @1706956030
x-77-age: 630202
x-cache-lb: HIT
last-modified: Tue, 26 Dec 2023 20:45:55 GMT
server: CDN77-Turbo
x-amz-meta-s3cmd-attrs: atime:1703619207/ctime:1703619207/gid:1000/gname:federicoi/md5:d0bbf411bc053227f208739885ca90c0/mode:33204/mtime:1703619207/uid:1000/uname:federicoi
etag: W/"d0bbf411bc053227f208739885ca90c0"
x-77-nzt-ray: f6587a1d90506ba0b8e0b7655b310b0c
vary: Accept-Encoding, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 614E 42 B
174 B 279ms
279ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstag6ZM2Xwof7qRZ-BRgspysUGYu458QYyCfslt4Mk5PdAnOEB5HRfWLbIdOKT2cNf887XZjOZH2kBsoUkd7F5ApkS9uIiVmwlENl_dtCv9UHq7-GPfIYdFRt9DZ9s7FYxiuJrpihNy9J8PqzAowaQffCzK&sai=AMfl-YSk-qcUSKnUL_M0A43L-1FeMIW4jm5h6ZJnWsR99RJyDNLN3frIL4peuKv2zc6RafWrKGOXXsUCdUE04QgRou3BSXEYjvLxlO8PiPwAlumW83IZHVoLlQmlf9g&sig=Cg0ArKJSzFYC1SEs8tjrEAE&cid=CAQSOwAvHhf_KQ9ebQYYmTSTtFYMYivYbof5xsMIKLDbQ2_yQX_dbScJWylCvhqEQgz3Ny216JfzgpNUys52GAE&id=lidar2&mcvt=1000&p=105,0,705,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1595910592&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170654943100&rst=1706549428888&rpt=2328&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D81B 42 B
108 B 303ms
303ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3vBNPyQeKsUvKoE7UogGD1UdcEP0w3yzcPXrA6ArwKMsNVf2rj_a9DlYl93gPVfOm3nR1HviWT1e1Ym6dAg5iDqry3A3K_tPA12ijKVjl4CJkCRIvfvfHl6mXQokV8x4kbgucr-JNqQotaLUNgSTZuNeE&sai=AMfl-YSbw6Z716E3ujot4mFUD7kC9Pk3XYSdVBzmK7s2gaK5-_vTh-p7izasaaAxB0FKxeU9Hn6bJe0vKuZT662mA_ToQsfsZMIUGO-3At1PEOD8vFCC5D1-U7xqc1w&sig=Cg0ArKJSzI1kWD1rqXE6EAE&cid=CAQSOwAvHhf_1efjfl_-0SrEurOVCNDxnNhn8oY9LyhsiCb7vlXRnsUo6vXDfGh1UJ7ExMR1WuqLR8Bb0GDaGAE&id=lidar2&mcvt=1003&p=881,436,971,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1204794351&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170654943100&rst=1706549428796&rpt=2437&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6774 42 B
108 B 278ms
277ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKMM069j7IYZjSAqfCoLkBrjo-uS0KVFX1GQRshwb2VkSmRSbw--zfSJAeRyX9q7uNRZfM-1GQXNoGxSrzkOfSvVWg4WEQyVeUV79nu6QZ1ttto2hhl-IE2Ya_ugPuH8C0CTB4akk5C18BaFSj7jbetwue&sai=AMfl-YT14GI1Po9SmT2865hNoPMzK6UAYjNKJtGWCg4Imnnqz0Dwpzmadahc9f5Lm_DIKfJ2AlE7_-Jv10gaHyIVq0nW1NTPUqTG2sZr38x_FVyzf9Zaku8pJhDmK5Q&sig=Cg0ArKJSzBi1rEhI8Y7OEAE&cid=CAQSOwAvHhf_KQ9ebQYYmTSTtFYMYivYbof5xsMIKLDbQ2_yQX_dbScJWylCvhqEQgz3Ny216JfzgpNUys52GAE&id=lidar2&mcvt=1005&p=270,436,360,1164&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3318566963&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170654943100&rst=1706549428861&rpt=2392&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D81B 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=6407d2df-5356-9d3d-318c-b2021426d899&tv=%7Bc:2Ieix8,pingTime:1,time:2111,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1111%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1000,o:1111,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1106~0%5D,as:%5B1106~728.90%5D%7D%7D,%7Bsl:i,t:1111,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:120,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525518-72172419%7C171%7C18.1525518-72172419%7C181%7C182%7C19.1525518-72172419%7C191%7C192%7C1a.1525518-72172425%7C1a1%7C1a2%7C1b11%7C1b12%7C1c1%7C1d,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:13,sis:353%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:32 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D81B 43 B
215 B 119ms
119ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=6407d2df-5356-9d3d-318c-b2021426d899&tv=%7Bc:2Ieix8,pingTime:1,time:2111,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:1111%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1000,o:1111,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1106~0%5D,as:%5B1106~728.90%5D%7D%7D,%7Bsl:i,t:1111,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:120,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C17*.1525518-72172419%7C171%7C18.1525518-72172419%7C181%7C182%7C19.1525518-72172419%7C191%7C192%7C1a.1525518-72172425%7C1a1%7C1a2%7C1b11%7C1b12%7C1c1%7C1d,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:13,sis:353%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:32 GMT
server: nginx
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 614E 0
20 B 266ms
266ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8764681176254&version=m202309260101&ct=76&x=1&cor=1316125485932548400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6774 0
20 B 269ms
268ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8001842067257&version=m202309260101&ct=76&x=1&cor=1642837776513485300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK e51232cf9fc8dd7b4756cbe34f3be9cc.png
dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/ Frame D7CC 110 B
497 B 40ms
39ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/e51232cf9fc8dd7b4756cbe34f3be9cc.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/160x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:32 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:07 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "106564822-6e-60fc6932e0622"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110
Expires: Mon, 29 Jan 2024 18:30:32 GMT

GET
H/1.1 200
OK 9c135cf856da97622c6b059a2c852d82.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame D7CC 34 KB
34 KB 48ms
48ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/9c135cf856da97622c6b059a2c852d82.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 191bcf4f1cb76f9f0266eb39b452547695d8b246bde3fb155cd3070b4eb8f02a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/160x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:32 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:28 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1157334a2-860c-60fc6946fc19e"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34316
Expires: Mon, 29 Jan 2024 18:30:32 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D81B 0
20 B 290ms
290ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4363397849924&version=m202309260101&ct=76&x=1&cor=2669711429223994400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEA6 0
20 B 265ms
265ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=852212890844&version=m202309260101&ct=76&x=1&cor=12516488076325382000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CEA6 42 B
64 B 281ms
281ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvt779E39QXnFrb_dF2OwVEplrbcWIuhY_CYj2uIfdthnM2ev0WzUXG-8rsUX0ulI-fFNMAv1tlbWTfLv8jpEQxVoo2OMX-CIMEB1AjmHOdDF1LeSqqg8hwgAF-36GZAGY3wLn1BleiO4LWEO0MSV7gpojD&sai=AMfl-YTzocGt1m3FVO3ZdfMIODXjjhVPr7IQoiYRIs3QULq0lGZF7CuzfVqVVYnROPHGdEPVzkmfKJTYADJBJLGeDCo92891jiclNzJb0ZOGvOOuC-M-M6ADz75oQkw&sig=Cg0ArKJSzLj07uOYl5XXEAE&cid=CAQSOwAvHhf_KQ9ebQYYmTSTtFYMYivYbof5xsMIKLDbQ2_yQX_dbScJWylCvhqEQgz3Ny216JfzgpNUys52GAE&id=lidar2&mcvt=1083&p=4069,436,4159,1164&mtos=1083,1083,1083,1083,1083&tos=1083,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3492553722&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170654943000&rst=1706549428834&rpt=2173&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/b-935e2f1-22fd8186.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CEA6 43 B
215 B 117ms
117ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=14eabd31-13cc-6cae-4b79-a87652180509&tv=%7Bc:2IeiFp,pingTime:1,time:2769,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D,%7Br:l,t:1169%7D,%7Bpiv:100,vs:i,r:,t:1686%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1083,o:1686,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1681~0%5D,as:%5B1681~728.90%5D%7D%7D,%7Bsl:i,t:1686,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1083~100%5D,as:%5B1083~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:118,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C17.1525518-72172419%7C171%7C18*.1525518-72172419%7C181%7C19.1525518-72172419%7C191%7C1a.1525518-72172425%7C1a1%7C1a2%7C1b11%7C1b12%7C1c%7C1d,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:15,sis:364%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:32 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CEA6 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=14eabd31-13cc-6cae-4b79-a87652180509&tv=%7Bc:2IeiFp,pingTime:1,time:2769,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:14%7D,%7Br:l,t:1169%7D,%7Bpiv:100,vs:i,r:,t:1686%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1083,o:1686,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1681~0%5D,as:%5B1681~728.90%5D%7D%7D,%7Bsl:i,t:1686,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1084~100%5D,as:%5B1084~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:118,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C17.1525518-72172419%7C171%7C18*.1525518-72172419%7C181%7C19.1525518-72172419%7C191%7C1a.1525518-72172425%7C1a1%7C1a2%7C1b11%7C1b12%7C1c%7C1d,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:15,sis:364%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:32 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK 9c135cf856da97622c6b059a2c852d82.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame D7CC 34 KB
34 KB 47ms
47ms Image
image/png 23.201.243.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/9c135cf856da97622c6b059a2c852d82.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.243.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-243-14.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 191bcf4f1cb76f9f0266eb39b452547695d8b246bde3fb155cd3070b4eb8f02a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8821/8/160x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:32 GMT
Last-Modified: Thu, 25 Jan 2024 15:10:28 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1157334a2-860c-60fc6946fc19e"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34316
Expires: Mon, 29 Jan 2024 18:30:32 GMT

GET
H2 204 imp
analyticspixel.microsoft.com/aid/ Frame D7CC 0
121 B 64ms
64ms Image
text/plain 204.79.197.204
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspixel.microsoft.com/aid/imp?dcoimpid=ZbfgtgAAN_hZ3lDB&dcmadvertiserid|8391437$dcmcampaignid|30110444$dcmadid|560533384$dcmrenderingid|168595328$dcmsiteid|6958819$dcmplacementid|369669180$customer|Microsoft$dv360auctionid|ct=DE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.204 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0005.a-msedge.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C45B731B5C314CF9B89F66EF265571D1 Ref B: FRA31EDGE0614 Ref C: 2024-01-29T17:30:32Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7C84 16 KB
6 KB 39ms
39ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=53035
content-encoding: gzip
content-length: 5622
content-type: text/html
date: Mon, 29 Jan 2024 17:30:32 GMT
expires: Tue, 30 Jan 2024 08:14:27 GMT
last-modified: Thu, 16 Nov 2023 09:11:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame B2D2
Redirect Chain

https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=IEs6AGZHJR9zH3tRS1-N-Glb

86 B
636 B

152ms
151ms

Image
image/png

209.192.201.180
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=IEs6AGZHJR9zH3tRS1-N-Glb
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:33 GMT
content-length: 86
content-type: image/png

Redirect headers

location: https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=IEs6AGZHJR9zH3tRS1-N-Glb
access-control-allow-origin: *
date: Mon, 29 Jan 2024 17:30:32 GMT
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 0
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame B2D2 0
239 B 43ms
43ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

setuid
user-sync.adxpremium.services/ Frame B2D2
Redirect Chain

https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=1633749901915640753

86 B
752 B

275ms
275ms

Image
image/png

209.192.201.180
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://user-sync.adxpremium.services/setuid?bidder=adform&uid=1633749901915640753
Requested by: Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Server: 209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adxbid.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 17:30:33 GMT
content-length: 86
content-type: image/png

Redirect headers

location: https://user-sync.adxpremium.services/setuid?bidder=adform&uid=1633749901915640753
date: Mon, 29 Jan 2024 17:30:33 GMT
server: nginx
content-length: 0
content-type: text/plain

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
297 B 543ms
543ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://randomgenerate.io
Date: Mon, 29 Jan 2024 17:30:33 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 614E 43 B
215 B 159ms
158ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=6c71c6ca-22c3-7789-a301-ec12c395d789&tv=%7Bc:2IeiOH,pingTime:1,time:3401,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:14%7D,%7Bpiv:100,vs:i,r:,t:2400%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:2400,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2395~0,0~100%5D,as:%5B2395~160.600%5D%7D%7D,%7Bsl:i,t:2400,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:119,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C17.1525518-72172419%7C171%7C18.1525518-72172419%7C181%7C19.1525518-72172419%7C191%7C1a*.1525518-72172425%7C1a1%7C1b11%7C1b12%7C1c%7C1d,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:15,sis:471%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:33 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 614E 43 B
215 B 159ms
159ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=6c71c6ca-22c3-7789-a301-ec12c395d789&tv=%7Bc:2IeiOH,pingTime:1,time:3401,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:14%7D,%7Bpiv:100,vs:i,r:,t:2400%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:2400,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:14,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2395~0,0~100%5D,as:%5B2395~160.600%5D%7D%7D,%7Bsl:i,t:2400,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:119,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C17.1525518-72172419%7C171%7C18.1525518-72172419%7C181%7C19.1525518-72172419%7C191%7C1a*.1525518-72172425%7C1a1%7C1b11%7C1b12%7C1c%7C1d,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:15,sis:471%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:33 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6774 43 B
215 B 143ms
142ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=b7e846e2-d4ab-a3ec-b803-79dc6ca0f9cc&tv=%7Bc:2IeiOY,pingTime:1,time:3293,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:15%7D,%7Bpiv:100,vs:i,r:,t:2293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1000,o:2293,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2287~0,0~100%5D,as:%5B2287~728.90%5D%7D%7D,%7Bsl:i,t:2293,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:119,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C17.1525518-72172419%7C171%7C18.1525518-72172419%7C181%7C182%7C19*.1525518-72172419%7C191%7C1a.1525518-72172425%7C1a1%7C1a2%7C1b11%7C1b12%7C1c%7C1d,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:16,sis:450%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:33 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6774 43 B
215 B 143ms
143ms Image
image/gif 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525518&asId=b7e846e2-d4ab-a3ec-b803-79dc6ca0f9cc&tv=%7Bc:2IeiOZ,pingTime:1,time:3294,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:15%7D,%7Bpiv:100,vs:i,r:,t:2293%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:2293,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2287~0,0~100%5D,as:%5B2287~728.90%5D%7D%7D,%7Bsl:i,t:2293,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:119,fm:u2M3uC2+11%7C12%7C13%7C14%7C15%7C16%7C17.1525518-72172419%7C171%7C18.1525518-72172419%7C181%7C182%7C19*.1525518-72172419%7C191%7C1a.1525518-72172425%7C1a1%7C1a2%7C1b11%7C1b12%7C1c%7C1d,idMap:19*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:16,sis:450%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:404b:a5c9:a575:6bf7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:33 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1

204
No Content

pbscookie
a.vidoomy.com/api/rtbserver/ Frame C91C
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D6f36ee19082ae311fe188bedefaa0549%26dspid%3Dopenx
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=345f8f43-7275-46bf-8246-88e0a56a9dba&vid=6f36ee19082ae311fe188bedefaa0549&dspid=openx

0
343 B

387ms
91ms

Image
text/plain

212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=345f8f43-7275-46bf-8246-88e0a56a9dba&vid=6f36ee19082ae311fe188bedefaa0549&dspid=openx
Protocol: HTTP/1.1
Server: 212.36.83.245 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:34 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

Redirect headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:33 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=345f8f43-7275-46bf-8246-88e0a56a9dba&vid=6f36ee19082ae311fe188bedefaa0549&dspid=openx
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame C91C 0
187 B 149ms
42ms Image
text/plain 98.98.134.243
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3D6f36ee19082ae311fe188bedefaa0549%26dspid%3DCEN
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Mon, 29 Jan 2024 17:30:33 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1

204
No Content

pbscookie
a.vidoomy.com/api/rtbserver/ Frame C91C
Redirect Chain

https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3D6f36ee19082ae311fe188bedefaa0549%26dspid%3Dadf
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=1633749901915640753&vid=6f36ee19082ae311fe188bedefaa0549&dspid=adf

0
343 B

390ms
90ms

Image
text/plain

212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=1633749901915640753&vid=6f36ee19082ae311fe188bedefaa0549&dspid=adf
Protocol: HTTP/1.1
Server: 212.36.83.245 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vid.vidoomy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 17:30:34 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

Redirect headers

location: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=1633749901915640753&vid=6f36ee19082ae311fe188bedefaa0549&dspid=adf
date: Mon, 29 Jan 2024 17:30:33 GMT
server: nginx
content-length: 0
content-type: text/plain

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 48ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KR2GVJ0ZGV&gtm=45je41o0v9115478624&_p=1706549425636&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1132696889.1706549426&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1706549425&sct=1&seg=0&dl=https%3A%2F%2Frandomgenerate.io%2Fcpf-generator&dt=%F0%9F%87%A7%F0%9F%87%B7%20CPF%20Generator&_s=2&tfd=9846
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KR2GVJ0ZGV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://randomgenerate.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 17:30:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://randomgenerate.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/hZvoK-ZlOT6-OqFLVEFYD/_ssgManifest.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/hZvoK-ZlOT6-OqFLVEFYD/_buildManifest.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/pages/cpf-generator-0d88c187c017f4f4.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/36757-28b54408f0f05e88.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/63031-592c8bb62d9bd528.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/39238-bdd827d22231716b.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/25675-4b3099c5fc33bd05.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/44949-72e08cdddb0481f9.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/78e521c3-a40615a36edde8d1.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/95b64a6e-a892c0b358659f0f.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/d7eeaac4-c77e27e3992fe68c.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/1bfc9850-9a620636a28b3ce8.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/pages/_app-a7008f0e5600abbb.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/main-97f94a1dfa5c345e.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/framework-75746eeb80cbf23f.js

Domain: randomgenerate.io
URL: https://randomgenerate.io/_next/static/chunks/webpack-40e523e17749d299.js

Domain: stpd.cloud
URL: https://stpd.cloud/saas/6380

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Domain: prebid-stag.setupad.net
URL: https://prebid-stag.setupad.net/openrtb2/auction

Domain: cs.chocolateplatform.com
URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEPG0NjCjQKqzv9Je1H3pq-s&google_cver=1&google_push=AXcoOmTI4Fikkd2vjnuyPQ8Y16vechSK2voQTMilg103FMdagmeJUPUJw-xC0_8EjTlZGmVJfIpVWXmhB6F1EpeFLpENBOx0pjj6

Verdicts & Comments Add Verdict or Comment

326 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

78 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 20:12:05	Name: sync Value: CgoIoQEQ5fOWstUxCgoIkQIQ5fOWstUxCgoItAIQ5fOWstUxCgoI5gEQ5fOWstUxCgoIhwIQ5fOWstUxCgoItwIQ5fOWstUxCgkIOhDl85ay1TEKCgiMAhDl85ay1TEKCQhfEOXzlrLVMQoJCB8Q5fOWstUx
.randomgenerate.io/	1970-01-21 03:38:29	Name: _ga Value: GA1.1.1132696889.1706549426
randomgenerate.io/	1970-01-20 18:02:31	Name: stpdOrigin Value: {"origin":"direct"}
randomgenerate.io/	1970-01-20 18:45:41	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.clarity.ms/	1970-01-21 02:48:05	Name: CLID Value: 7604f9fbf0a945feaf3dd25f2c5994eb.20240129.20250128
.randomgenerate.io/	1970-01-21 02:48:05	Name: _clck Value: 7q9mu4%7C2%7Cfit%7C0%7C1489
prebid.a-mo.net/	1970-01-20 18:02:29	Name: _Amc_b Value: 0
.rubiconproject.com/	1970-01-21 02:48:05	Name: khaos Value: LRZ7GSR8-1C-4BGT
.rubiconproject.com/	1970-01-21 02:48:05	Name: audit Value: 1\|hLZGFuTafB3i0aWn8BPygwNb0fGVcfL/XWaA1sYWTLHiXIXbtn90w+MSTGHmscxSeMMFhNckIOp2D7rfRNiI/6boBN3edhWbAokthQGmMqUhkTnGhAX54b7FQD2yB//h3OlDu/ORdD8=
.criteo.com/	1970-01-21 03:24:05	Name: uid Value: eccc3cb4-1ddc-4820-a8dd-231964338a64
.criteo.com/	1970-01-21 03:24:05	Name: receive-cookie-deprecation Value: 1
.randomgenerate.io/	1970-01-21 02:48:05	Name: connectId Value: {"ttl":86400000,"lastUsed":1706549426498,"lastSynced":1706549426498}
.openx.net/	1970-01-21 02:48:05	Name: i Value: de2d3fd5-626d-4aa1-b31c-801d40166cca\|1706549426
.3lift.com/	1970-01-20 20:12:05	Name: tluid Value: 4635396181537437656854
.randomgenerate.io/	1970-01-20 18:03:55	Name: _clsk Value: m3myi2%7C1706549426785%7C1%7C1%7Cw.clarity.ms%2Fcollect
.adnxs.com/	1970-01-20 20:12:05	Name: XANDR_PANID Value: cQjE-WPZAsivZrfSxYaMLJUcFmf830y2vGUxuho6K8FQ3DDcMGvSOYrTmvWBOCJRMa4srzZPsJxBpoHDUvNAEvuifqq1yXVrFdFBjMBO0UY.
.adnxs.com/	1970-01-21 03:38:29	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:12:05	Name: uuid2 Value: 8889471911930454369
.bidswitch.net/	1970-01-21 02:48:05	Name: tuuid Value: 7962955e-529f-421e-ba29-aa08cdd7ca99
.bidswitch.net/	1970-01-21 02:48:05	Name: c Value: 1706549426
.bidswitch.net/	1970-01-21 02:48:05	Name: tuuid_lu Value: 1706549426
.adnxs.com/	1970-01-20 20:12:05	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiI0NjM1Mzk2MTgxNTM3NDM3NjU2ODU0IiwiZXhwaXJlcyI6IjIwMjQtMDQtMjhUMTc6MzA6MjZaIn19LCJiaXJ0aGRheSI6IjIwMjQtMDEtMjlUMTc6MzA6MjZaIn0=
.doubleclick.net/	1970-01-21 03:24:05	Name: IDE Value: AHWqTUkZlzTvrDD1SMlk8ie_OIakVXXKX4GktB72TJPN-1DgOMfMIB12Wt_o6zRSTpQ
.linkedin.com/	1970-01-21 02:48:05	Name: bcookie Value: "v=2&17a138dc-e129-4ddf-8f0f-100cbd20a697"
.linkedin.com/	1970-01-20 22:21:41	Name: li_gc Value: MTswOzE3MDY1NDk0MjY7MjswMjHNAXFmczYmL4/LnwpsvzX2SnAkYNoYHtzvCQE3mVsJzg==
.linkedin.com/	1970-01-20 18:03:55	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3111:u=1:x=1:i=1706549426:t=1706635826:v=2:sig=AQEyRkXUXoSYZN9UvRbwqhjqlB5hTEu0"
.prebid.a-mo.net/	1970-01-21 02:48:05	Name: __amc Value: 2_1706549426_1706549427
.bing.com/	1970-01-21 03:24:05	Name: MUID Value: 01CC57B320ED629032EE43A621666371
.c.bing.com/	1970-01-20 18:12:34	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:24:05	Name: SRM_B Value: 01CC57B320ED629032EE43A621666371
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:24:05	Name: MUID Value: 01CC57B320ED629032EE43A621666371
.c.clarity.ms/	1970-01-20 18:12:34	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 18:02:30	Name: ANONCHK Value: 0
.randomgenerate.io/	1970-01-21 03:24:05	Name: cto_bundle Value: JquD6182anVVT3pTTDFlSUFxVk1MUTdnJTJGc2lmekM0RDhCT2hWTXJFUDFFZkVJYXhSc1A0OTVseVZ1bEFFdmJGSFVFSmlpY3FWTmMzV3JFb1BQbEVyYkMwb0dEZ21uSzc4QVRNdW9Fc2xrMWpHdkt1bGhuOU0yJTJCNjNsJTJCbzFEQ0xsQ2Z1ckIlMkZSTjdOTm44bER5MzZxUEVXc1pUQVJVRThrVE1CTk9nd1VpMUhpJTJCZjhJJTNE
.randomgenerate.io/	1970-01-21 03:24:05	Name: __gads Value: ID=033407f573089a9b:T=1706549427:RT=1706549427:S=ALNI_MbFuTynUvpiV06LqAJcScFdRNX5hw
.randomgenerate.io/	1970-01-21 03:24:05	Name: __gpi Value: UID=00000d4c6377eb67:T=1706549427:RT=1706549427:S=ALNI_MZKU-ZpVd7inc0Xl4NG48r-1okAGA
.randomgenerate.io/	1970-01-20 22:21:41	Name: __eoi Value: ID=61ace9ccd68e0c43:T=1706549427:RT=1706549427:S=AA-AfjaRvwSFk-tCBLWMo2-QYmVu
.randomgenerate.io/	1970-01-21 03:38:29	Name: _ga_KR2GVJ0ZGV Value: GS1.1.1706549425.1.0.1706549429.0.0.0
.doubleclick.net/	1970-01-20 22:21:41	Name: APC Value: AfxxVi5F2olE-G67xNU-9zbHIVGUnss5qz6QHJ7pCxfHw9fpz5dUIw
.turn.com/	1970-01-20 22:21:41	Name: uid Value: 3307796966873654261
.doubleclick.net/	1970-01-20 22:21:41	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 02:48:05	Name: CMID Value: ZbfgtSybyfxkNErkAKZKfwAA
.casalemedia.com/	1970-01-20 20:12:05	Name: CMPS Value: 5153
.casalemedia.com/	1970-01-20 20:12:05	Name: CMPRO Value: 5153
.adnxs.com/	1970-01-20 20:12:05	Name: anj Value: dTM7k!M4.gDYRWSF']wIg2ImKG(e$p!A#FB.TOKKnyW<U1`VROYQM-:DsSNC<`eyX<95-PY=mAvMwdF5Dd)>dOH7!)<QG=%9skrhI.FB-I2G!Q+7QSOVQk=KVQv_g*s:#dVX_$L$b/-p2:TTh!!$Hg.1[F6
.csync.loopme.me/	1970-01-20 20:13:31	Name: viewer_token Value: 394b6b2a-44a1-48f2-9c45-590959337794
.doubleclick.net/	1970-01-20 18:02:33	Name: DSID Value: NO_DATA
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8G Value: s85138\|Zbfgu
.everesttech.net/	1970-01-21 03:38:29	Name: everest_g_v2 Value: g_surferid~ZbfgtgAAA-LMsWmw
.yahoo.com/	1970-01-21 02:48:27	Name: A3 Value: d=AQABBLfgt2UCEHVH4RTH_rEVZJYXmda-khoFEgEBAQEyuWXBZQAAAAAA_eMAAA&S=AQAAAj1magzjRPoDks5x0kWgYrQ
.adform.net/	1970-01-20 18:47:07	Name: C Value: 1
.adform.net/	1970-01-20 19:28:53	Name: uid Value: 1633749901915640753
.adfarm1.adition.com/	1970-01-20 20:12:05	Name: UserID1 Value: 7329573995167479963
.quantserve.com/	1970-01-20 20:12:05	Name: d Value: EDEBCQGCK4EA
.quantserve.com/	1970-01-21 03:32:43	Name: mc Value: 65b7e0b7-78581-47db1-437cd
.ctnsnet.com/	1970-01-21 02:48:05	Name: cid_818e56041fcb4a27a2e607f1d55cd694 Value: 1
.ctnsnet.com/	1970-01-21 02:48:05	Name: gid_CAESEGdO9Jp_e7ls52PApx8JfiY Value: 1
.simpli.fi/	1970-01-21 02:49:31	Name: suid Value: 2757F66D64BD404E95FBDCC9EE15289C
.adsby.bidtheatre.com/	1970-01-20 18:12:34	Name: __kuid Value: 70ba5c08-a0bc-4f91-bb88-4625a65a231a.475763431
.lijit.com/	1970-01-21 02:48:05	Name: ljt_reader Value: IEs6AGZHJR9zH3tRS1-N-Glb
.yieldmo.com/	1970-01-21 02:48:05	Name: yieldmo_id Value: VEUYPrrWWOr5JpwTO5w5%7C1706486400000%7C0
.media.net/	1970-01-21 02:48:05	Name: visitor-id Value: 3495510319085538000V10
.yandex.ru/	1970-01-21 03:38:29	Name: yuidss Value: 2462369561706549431
.yandex.ru/	1970-01-21 03:38:29	Name: yandexuid Value: 2462369561706549431
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.gonet-ads.com/	1970-01-21 02:49:31	Name: pid Value: MmI1YjdmYWMxOTYzMjFhMg
.adx.opera.com/	1970-01-21 02:48:05	Name: UID Value: OPU8e509ffb34a141e38f009029f1e8a98f
sync.srv.stackadapt.com/	1970-01-21 02:48:05	Name: sa-user-id Value: s%3A0-4bde3fcd-f090-5102-4df2-a444983ab04c.AkeLzEiVB%2BwoZaa1JBd93t9v2GcVikwPcFL4LOiImQ8
.srv.stackadapt.com/	1970-01-21 02:48:05	Name: sa-user-id Value: s%3A0-4bde3fcd-f090-5102-4df2-a444983ab04c.AkeLzEiVB%2BwoZaa1JBd93t9v2GcVikwPcFL4LOiImQ8
sync.srv.stackadapt.com/	1970-01-21 02:48:05	Name: sa-user-id-v2 Value: s%3AS94_zfCQUQJN8qREmDqwTFD_B2c.j05JT5%2B7UTCGxASM5K1PqNi3FyLn1ZQX44nVgPVywYs
.srv.stackadapt.com/	1970-01-21 02:48:05	Name: sa-user-id-v2 Value: s%3AS94_zfCQUQJN8qREmDqwTFD_B2c.j05JT5%2B7UTCGxASM5K1PqNi3FyLn1ZQX44nVgPVywYs
sync.srv.stackadapt.com/	1970-01-21 02:48:05	Name: sa-user-id-v3 Value: s%3AAQAKIDYQE_FASCQrRJEYNkCCwCE15UMLp_PboC2B09_uGENnEHwYBCC3wd-tBjABOgQ7vvenQgRVqDS4.d%2FrvhTN0GvFbFpuoBPYZfXUvAFFmQeQuRm%2Fw4rRkaTM
.srv.stackadapt.com/	1970-01-21 02:48:05	Name: sa-user-id-v3 Value: s%3AAQAKIDYQE_FASCQrRJEYNkCCwCE15UMLp_PboC2B09_uGENnEHwYBCC3wd-tBjABOgQ7vvenQgRVqDS4.d%2FrvhTN0GvFbFpuoBPYZfXUvAFFmQeQuRm%2Fw4rRkaTM
.tribalfusion.com/	1970-01-20 20:12:05	Name: ANON_ID Value: amntuJy4ZawFBA9MAIAno8LDbqBtbn90pbRe0h10EiAApUnNBGLRTTnNTYaZcl1nogaqdmZa3RVmu1DMIJd9dZdvfTEt
.microsoft.com/	1970-01-21 02:48:05	Name: MC1 Value: GUID=03edd47d87484a109248d2340a5d19d5&HASH=03ed&LV=202401&V=4&LU=1706549431908
.microsoft.com/	1970-01-21 03:24:05	Name: MUID Value: 139D8E6FA1C463C02B069A7AA5C465FB
.adxpremium.services/	1970-01-20 20:12:05	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiMTYzMzc0OTkwMTkxNTY0MDc1MyIsImV4cGlyZXMiOiIyMDI0LTAyLTEyVDE4OjMwOjMzLjQ1NDgwNTU2OCswMTowMCJ9LCJpeCI6eyJ1aWQiOiJaYmZndFN5YnlmeGtORXJrQUtaS2Z3QUFcdTAwMjY1MTUzIiwiZXhwaXJlcyI6IjIwMjQtMDItMTJUMTg6MzA6MzIuNzUwMDM5MTc5KzAxOjAwIn0sInNvdnJuIjp7InVpZCI6IklFczZBR1pISlI5ekgzdFJTMS1OLUdsYiIsImV4cGlyZXMiOiIyMDI0LTAyLTEyVDE4OjMwOjMzLjE5OTI0NTM0NiswMTowMCJ9fSwiYmRheSI6IjIwMjQtMDEtMjlUMTg6MzA6MzIuNzUwMDM4NDIrMDE6MDAifQ==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://eb2.3lift.com/xuid?mid=2711&xuid=eccc3cb4-1ddc-4820-a8dd-231964338a64&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28} Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEPG0NjCjQKqzv9Je1H3pq-s&google_cver=1&google_push=AXcoOmTI4Fikkd2vjnuyPQ8Y16vechSK2voQTMilg103FMdagmeJUPUJw-xC0_8EjTlZGmVJfIpVWXmhB6F1EpeFLpENBOx0pjj6 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://sync.gonet-ads.com/match/google Message: Failed to load resource: the server responded with a status of 408 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7147abcaab00b5f8984562fa2a6cabd5.safeframe.googlesyndication.com
a.ad.gt
a.tribalfusion.com
a.vidoomy.com
aax.amazon-adsystem.com
ad.turn.com
ads.avads.net
ads.everesttech.net
ads.pubmatic.com
ads.yieldmo.com
adx.adform.net
adxbid.info
an.yandex.ru
analyticspixel.microsoft.com
ap.lijit.com
as.ck-ie.com
bcp.crwdcntrl.net
bid.g.doubleclick.net
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c1.adform.net
cc.adingo.jp
cdn-ima.33across.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
connectid.analytics.yahoo.com
cs.chocolateplatform.com
cs.media.net
csync.loopme.me
d.turn.com
dco-assets.everestads.net
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fw.adsafeprotected.com
gcm.ctnsnet.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.hadron.ad.gt
id5-sync.com
image6.pubmatic.com
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
match.adsby.bidtheatre.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
node.setupad.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
px.ads.linkedin.com
r.turn.com
randomgenerate.io
region1.google-analytics.com
rtb.adxpremium.services
rtb.openx.net
s.ad.smaato.net
s.tribalfusion.com
script.4dex.io
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssum.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stpd.cloud
sync-tm.everesttech.net
sync.go.sonobi.com
sync.gonet-ads.com
sync.srv.stackadapt.com
t.adx.opera.com
tagan.adlightning.com
tags.crwdcntrl.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.ipw.metadsp.co.uk
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
user-sync.adxpremium.services
vid.vidoomy.com
vpaid.vidoomy.com
w.clarity.ms
www.clarity.ms
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
cs.chocolateplatform.com
prebid-stag.setupad.net
randomgenerate.io
securepubads.g.doubleclick.net
stpd.cloud
104.26.8.178
108.128.140.222
13.248.245.213
142.250.184.194
145.40.97.66
151.101.194.49
159.89.25.223
162.19.138.117
162.19.138.119
172.64.151.101
172.64.152.89
178.250.1.9
18.238.243.82
18.239.18.118
18.239.70.203
18.65.39.47
184.30.211.26
185.106.140.18
185.184.8.90
185.64.189.112
185.64.190.78
185.86.139.96
188.166.17.21
188.42.105.220
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
204.79.197.204
209.192.201.180
212.36.83.245
216.58.206.34
23.201.243.14
23.212.88.20
23.35.229.251
23.35.236.201
23.96.124.156
2600:1f18:1aca:4282:404b:a5c9:a575:6bf7
2600:9000:223c:2400:10:dd8:5e40:93a1
2600:9000:2250:ac00:a:e047:753:eb41
2600:9000:2362:ba00:1b:5138:8a40:93a1
2600:9000:26da:1600:8:48e:53c0:93a1
2602:803:c004:200::140
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::ac43:17ea
2606:4700:20::681a:8a9
2606:4700:3035::6815:30d7
2606:4700:3037::6815:5653
2606:4700:4400::6812:22b2
2606:4700::6810:5914
2606:4700::6812:18ad
2606:4700::6812:1e31
2607:f350:3:2569:0:10:0:200d
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:802::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2001
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::200a
2a00:1450:4001:831::2003
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:6b8::90
2a02:6ea0:c700::17
2a02:6ea0:c700::19
2a02:fa8:8806:16::1460
2a05:d018:d29:3601:5088:283f:2202:9e4b
3.162.33.31
3.248.239.255
3.75.62.37
34.102.146.192
34.120.135.53
34.248.213.243
34.96.70.87
35.158.201.105
35.186.193.173
35.204.74.118
35.205.207.25
35.210.239.72
35.214.149.91
35.214.243.225
35.227.252.103
35.244.159.8
37.157.2.228
37.157.3.20
37.252.171.85
51.89.9.251
52.198.184.52
52.210.30.156
52.223.40.198
52.6.81.107
54.161.150.198
64.233.167.154
68.219.88.97
69.173.144.138
69.173.144.139
8.2.110.113
82.145.213.8
85.114.159.118
89.149.192.76
98.98.134.243
0195b195fe0fd11ed11974c779e5c0744b575b678dd6b432f408697671396a9a
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07cdad477512b405d6312da20e766c657d6c23c6e0ac6138e75ec0169dc45288
087fd704845c8c20987816e2e6747f5c1b4f777fbc24977bb3004a90352dc78f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da8e6e615e8d4f4d172b990745da8fe03ce0ef7d103c87c7891acfd78e00827
0e814ab462f97018455d5f9bca9b08b5e164a38773220add82fdcd6d6b0d98ab
10592b836bb8f3388e07e98bb792a3853b6128eb82e985a05fa4dc902be3924d
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
185bc340c89827c8c38564425751d73ada406cf960a7785c54bbe818f30fe924
191bcf4f1cb76f9f0266eb39b452547695d8b246bde3fb155cd3070b4eb8f02a
1a81c00b02e9a797e6e8cfce706577e8eb14c66fc4ab38ed71f09508d9222c72
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
21e2cc1be6bb33e75287ef99dd7ba094e114326e221a1550b9f9e21de7a1b51c
2231903638371ed6f332ab6c4482f1b0716e4aabf55b98b3efef17e07e0fa22e
2365cc11ef3d43f265b848c7164e5487c7a49d6af06c2938ac9272c8d91fc1a2
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
291413442076f1e099550c4ed2f94eeb121885d7be058fea171e0c546ca13ed1
2bd128170f24b963f67f17e2a1312ae8371c44c3ecad64cedde585555f4d55ef
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2ddabf06a83b76a256f03762f3ddcdeef0b19d476ba20202ebfe570e460bb009
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3384e396c88e07cd7d0e46d5361eff9ab20ff9f65dfb94436030ccd116943bc6
361c01b2729bd0a8a349bb916078e087c6b0f6042bd1570f3242e1ce12364190
36b8658a0c918ff7fb8c374d36c45da0990fa4f4cf260e0cdaccf243cd17c271
36fa8d97cdd27e5be2ad846f5be25ba894ee6db0fa77fe243f0394c5b1c0fcd3
385d76692e394f6514bbf5b817e494ed5383e556035baeb83842e770c25930bf
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
390ab6d59e3d77a5cd1c168818f53c37a74d4731a2a35288ff693da7988a5467
3a232ca84ac4ce1044e5ec804c601aca3b635d9d602cd5cbfabc7618ae2e2b16
3a4da1b91b35d44d991c5079b5ae0c8493c73838e56c85b6a607ef29ea472d8c
3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf
3c825307202a5381629cc9fe28a6b63fe1348ff329afbcfed5782fc5567d0653
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40abb0a63dc7e8c7f929f16bbdffeba11d328f02e31c42b5808dd58ae72a2c51
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42905a167ab0a736cb122795ff5bf4b6da102b7caa4ea2721decaa40defda687
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459524b75299eae939f95180e9c527e137ab65ce188af4a015b84be566c79838
464e3c04242d9831b94d589dd466b66b2849a9341bc18e7efb28467878052e2f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48058c7cae6c0edd1606307d30e0bfec5267501b07d1b1a664644c7e30121911
481abe6d0d56ad513eb525004cb606c2dcbf1cc1b4614d9ce5933c52fdb1d0d5
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e7290a5a4f4b099a5f8ad2c6dbdc615f58f83b6e5e26fbca25df3a0a417c95
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d84c709c22f7a3b801936ac6451d426d1a7ef7e01981cd08b77ff1a3aabc353
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f9b4a3d9e22fff0021d51d4e9e49e90b08aaf54b8951680039cc2a5c905a51b
52017b543f657ae282e9d0acabd4c6e6d5a4af7355d36850c21eadf6c0ce2428
526a854fa681b1786026277e309c20a6615b6a5871b8bd5b917a504187e6edaa
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
561fb605fba42be568be9edbfadde9517e680b92495dc1e9b1e17b012c560573
56ab6b29646315f6b094297b45752ae23fe18430c8eb531edaa6297d917eb5f7
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
59705e5c17faed92b0d66ee387c7c78b2d9aa7019062ac951ce404fc09e353f9
59c4650de6e947e8522899af32df9affc43715131bcd1089a65c18d1a8e0203a
5a3625b5d9c9812b4eee70ea974c961f0a8e5ed1aa587effa4dc49959d722d95
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dbe9ddb3608025586bc6816d2fed0d0d0456bb10eab77a7d7047cc93074343f
5e8b2383a8418b0727c4a55338444beac0065366da2071d8afa4866535ba911e
5f27f2d6fd0d7a35050e1868e67548df87f1c88964ee798f826cca6ea1cd747b
5fa42c1d96f1d20bb0a5c0f1468aba661ad4c3584dd51646a3bfb996e869b8dd
5fb1407d658a8283ce9cd10631dd37f413e0de13aab80c06b72bc2221b523c55
60a926d0321573e81faf19a79c14db773c4cd81d4748dfde763f7fdd89875c93
60c991681541f04d41c9608f36637f173044a86beb61f0b0890412f3ef9a5bce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
661ebe99760ef6650ce94345ea99d24a985aada72f44055b7c5e9ae306d1895d
670ee64fbca97d16da3cb3e6f974615afd092b6060aae942843ace58bc151ae8
6767d49f6e02fe4b1784730a37a54273411e0085e2096ca81d46ed64717d3a66
6b71d498c7e1ab2e9c66252ac7c07c73dc23bf2444bd03dc7a221f42348095ed
6bc4f4cdd39ae5df0aaf8d4fff1358df84a5ee8bd5cb771d367a9eed192f2525
6df8f0196f61b059c0192e58428b33e52afd3fae2cd34313d833716829d82e5b
6e2b532291948181cec6860bbf9266f51102fe73fcfd52222db4d91d748618ac
6ec0ccf44231411587a9a7619334ddab8070097babe10640eaf9335ae85fac92
6ed03c02eec456fe89e228d6cdf45bf7088aa9402beaab5a2a1214a1aa35ce3c
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
70f60044d161bbdd9a7cbea74e2d3100726004b2d4ce04b0c84a0214bf13ce0b
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
721227e405c71a215ad0281707c7ed0229784fd0d2e140ba275c63af7fe5c9c8
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
749f5210d6f2b201d06e60caa18f62e1eb3f8f9443fa51b5dfc5ee9178704241
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499
81aa0216d82653c46fba45882a65c0c96426e9eb544d8e29593e4fa58a783189
81ab19fc750d70f1f84fb527e8234c4174fbe5c8a061320787b2d87be9be20fb
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
86036cbe1dd82dc84489e713501e2fb7e5e18d2f41b3668006f5657e3deb512a
885cb38c43b35c7ff9befe60f6c96f653d15befa0770f5f2ea0ea5cbc5d03a68
88729f204be6c899821512b65f15c4ff7a0af19b95df8f46b00c3c4f5f097a62
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8beadd142e033caff0db03a1526435f7076f607fe31d53640466d2518acd9d8f
8d0ca7707e3c55156f55421f65ef48dade2a627c2cb6abc2113ea0dcc8ec6a97
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
905989962c208a8d440b7860d8100f46ecd47a38b7d3472eb529d811aa7f1892
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
91ea9d151e7ab252501a473e052b27bf88d2096dc8cff8a0e298cffd710c31f4
927a6fc98c863add37e1dcf9ab6abfc08b2c42cf2a606766095dec11d1085c47
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
955e7adff45d5f8f8297b6a0506103bb1f413329cbb3af3998dddfbec9bc1ca8
98fa84e9ad05819f4f2e3b661da39d73387c81131deaff1e335525d385ea1cf5
997cbfac75012b65702e6aa72cfb47da6b70a37c8daba910c5f3659f8e1861d3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d4ea3e5eacf489f1658961a5d3e3b68bdf51aa1077a1270f6bf9eabfd03c063
9dcdd4dff6dab5e556d07cf571e17a19ce4c7dba8a9b657bee0b9e68b6d5b018
9e4d55b1fc039bfc0c74f90a846f637ef2eb655c67c6e851207f52ee3db9b795
9fd11c505993983e407169e0082f25c97da4892c9af394fc14859eba26afac50
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a70d87a0ce7669f368cc6c8f96e17a20b7b9a3aeef9686659ff5e32498145af0
a875361aeee744f332f2e243026ef2db52df7e19737b0a18fa2299793d27f03e
aa1dbb1443c4587fa41937182c168b9ee9ac1e13e6345400fb592b63d530ffee
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acf567bf9a4b55bd45ce03b02d8ccdfddc1d3aa9386608e8de427fd30600facc
adb759006a9345d092a55d6e194a491819c42d4ccaeb3f4e0497ba822ac358ba
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4c20c0874c41340614d3b28dfcbfdae61ad929b1c76c53100e6ad81cc37d9eb
b4f3d8951925006529c170094cee71330cb7b4a8e0799677665730d8c5d65dcf
b5cfd910512254312133fa2ecaeb46e5e05af0ee567e2152fa6df6447acf79bc
b738f4b1cea879b84c4223d5800971cf48f208c3293c84abcb6bf02fdef5b95c
b7bf4f406f5a9bf165c21dfebea2257eab80882e23e887a24756956daac44373
b7cf9ddaf5c83bc1b8552115ec2a25aaf9b8a5df6861e67e1e486fc6eecdddae
b8661a04701eb6a4972852d7ffb3874e5174d33b69defee1992351190b456195
b8c9a098f2a6b0ccc7f207f4cabd1c8bee52ab7a369f70f1c93b91b11d7a2bad
ba92f31903d0ed43a15811c0506b1c357fa04ff643140a3c0e162dfc66cd37eb
bb09eb5a1bde7920c170d45c7654501b5c352b97290ac1fd48b68cd9ee0aa57c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb35f127d3076d6f73de261683e99a846c3880d35b739e033a1695a086fb932a
bbbf833bb62a63c7d9bddf038c17a77acd6bcadc2397eb37ddf7eff0f96eb1e6
c059ad0b4849e315985b55fc2f378cf44ce42077ac03e099aa4ae703042e4129
c09e3f0651b3d2ee704a39e6487d3974b5d622b1dfe7d84a51c9e0761ec88b81
c0b1889ffc4b5e9fc8c2379faaa7ccdd94fa3885af7836fbb0d4e6a097006c6c
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c4fcb659fdb426def82bb86e06af50e9a59049141b72014637d8d750e399b1b1
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdd2706e2d273f5f9ee7b983229da952507d56764a5bb9c8402d93a9ddd5425f
cddbc0f8158305055e30aebd2b6b7da9f858967a15d58197e6d8a35ec30292c9
d351ad9e0491a3bb72ba3995d0dfe67f6af54bbf7d97e18f43ff203ffc5efe1f
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d3eabd63d0cad1555c13f18ca673589a6e6bdfea173a94f7b054cc1ec9940b76
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d6c36cd760a640411a2be21643a1cb1632c8adb3a61787fed3221f80f501d1ac
d6f5dc262d6f475ee4245eacf65bed6186aae85064176dea22b35caeb709ffbd
d7bf53e7d222b3bea17b3c3b3310fb3fd8ed916ec97b9ada77a46458546e07cb
daa6fc92564a05e3d9996483b768e367bc62192f373cee8d3b7df8a4fbc6af18
dba5db65eacdd32e82b077fce0282798e8a702ecbead9b1a1afc305c2fdba33c
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5bf94335744f14018f8d35860cdf446c541d3b0ef6fa4c65f0c8416b00a668c
e655d84adabb2f9a6de8bd6784b36ecfe085a4142801acb690342f90bff5f495
e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e
e74f05c1854923868b126b3471c5c29654e2f1f6083001db146bdd87ffce18d6
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e91950233cb729393ab77611b4c834136de98ada7eeca5a764b0ad34f72341b1
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb87c0447bd19366919bdb8913f775caca732ac31cbc5e5d42e4db5df39437ce
ec8749dbaee2d5a8165e8c98feb32657c37a1805369cb8c9621fdc2cb72c18d6
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
eebfa29f44fe5d4ebb3b75f76240618b62b6d70de12b43b5517ce8bff5209fd4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f193e41804e194b43fbe428bb6cc8af9e8429a2648000e27283c6b68d0b8d3ac
f3f997a471f1baf7bc1074ae8f7c445e58cf715331b51d97ff9a5e2c1184e684
f5ee934957510bcdcf8c083e80cb9e6bda059507c331a15a486fae18c681db09
faeb77eb7851523bca5970f2a56843d8ad7e2b0baf2f2c7046269575a717075d
ff193b653bad0b2f9f2b19e3571d4bc80d5e64d678686013799bf8121b5a725d
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

randomgenerate.io Open in urlscan Pro 2606:4700:3037::6815:5653 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

476 Requests

85 %HTTPS

39 %IPv6

75 Domains

119 Subdomains

96 IPs

15 Countries

4199 kBTransfer

10497 kBSize

78 Cookies

5 Outgoing links

Redirected requests

476 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

randomgenerate.io Open in urlscan Pro
2606:4700:3037::6815:5653 Public Scan

Screenshot
Live screenshot

Full Image

476
Requests

85 %
HTTPS

39 %
IPv6

75
Domains

119
Subdomains

96
IPs

15
Countries

4199 kB
Transfer

10497 kB
Size

78
Cookies

476 HTTP transactions
4 data transactions