urlscan.io logo urlscan.io
SecurityTrails logo

www.glitterfy.com Open in urlscan Pro
208.71.34.181  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://img41.glitterfy.com/
Effective URL: http://www.glitterfy.com/
Submission: On December 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 5 countries across 24 domains to perform 240 HTTP transactions. The main IP is 208.71.34.181, located in Story City, United States and belongs to INFOBUNKER, US. The main domain is www.glitterfy.com.
This is the only time www.glitterfy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 208.71.34.181 36436 (INFOBUNKER)
1 2a00:1450:400... 15169 (GOOGLE)
42 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
2 18 2a00:1450:400... 15169 (GOOGLE)
9 2a03:2880:f08... 32934 (FACEBOOK)
9 2a00:1450:400... 15169 (GOOGLE)
68 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
31 2a00:1450:400... 15169 (GOOGLE)
4 142.250.184.226 15169 (GOOGLE)
9 18 142.250.181.226 15169 (GOOGLE)
5 11 172.64.151.101 13335 (CLOUDFLAR...)
5 8 37.252.171.53 29990 (ASN-APPNEX)
4 142.250.185.70 15169 (GOOGLE)
2 85.14.248.91 24961 (MYLOC-AS ...)
2 4 2a00:1450:400... 15169 (GOOGLE)
1 2 52.211.95.38 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 3.121.34.204 16509 (AMAZON-02)
1 1 34.91.62.186 396982 (GOOGLE-CL...)
1 18.192.242.138 16509 (AMAZON-02)
2 2 2.19.104.189 16625 (AKAMAI-AS)
1 1 51.89.9.252 16276 (OVH)
1 1 35.186.193.173 15169 (GOOGLE)
2 142.250.184.194 15169 (GOOGLE)
2 2600:9000:212... 16509 (AMAZON-02)
4 2600:1f13:800... 16509 (AMAZON-02)
240 26
14    208.71.34.181 (Story City, United States)

ASN36436 (INFOBUNKER, US)
PTR: host-71-34-181.infobunker.com
img41.glitterfy.com
www.glitterfy.com
static.glitterfy.com
img10.glitterfy.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
42    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
18    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
9    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
scontent.xx.fbcdn.net
9    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
68    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
31    2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googleadservices.com
18    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
11    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
8    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net
ad.doubleclick.net
2    85.14.248.91 (Neukirchen-Vluyn, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
4    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    52.211.95.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-95-38.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    3.121.34.204 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-34-204.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    18.192.242.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-242-138.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    2.19.104.189 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-189.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ius.ctnsnet.com
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2600:9000:2127:8a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
4    2600:1f13:800:7782:cac1:b5d6:8914:d668 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
Apex Domain
Subdomains		 Transfer
110 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
1023 KB
42 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
ad.doubleclick.net — Cisco Umbrella Rank: 139
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
262 KB
31 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
671 KB
14 glitterfy.com
img41.glitterfy.com
www.glitterfy.com
static.glitterfy.com
img10.glitterfy.com
259 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
6 KB
9 gstatic.com
www.gstatic.com
72 KB
9 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 953
scontent.xx.fbcdn.net — Cisco Umbrella Rank: 445
167 KB
8 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
102 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
6 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
383 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
864 B
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1786
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 818
2 KB
2 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11353
2 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 6100
669 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 714
444 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
146 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
760 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 749
463 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
14 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
255 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
80 KB
240 24
Domain Requested by
68 tpc.googlesyndication.com googleads.g.doubleclick.net
www.gstatic.com
tpc.googlesyndication.com
www.glitterfy.com
s0.2mdn.net
pagead2.googlesyndication.com
42 pagead2.googlesyndication.com www.glitterfy.com
pagead2.googlesyndication.com
www.gstatic.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
31 s0.2mdn.net www.glitterfy.com
s0.2mdn.net
googleads.g.doubleclick.net
18 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
18 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
www.glitterfy.com
googleads.g.doubleclick.net
11 dsum-sec.casalemedia.com 5 redirects googleads.g.doubleclick.net
9 www.gstatic.com googleads.g.doubleclick.net
9 static.glitterfy.com www.glitterfy.com
static.glitterfy.com
8 ib.adnxs.com 5 redirects googleads.g.doubleclick.net
8 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
6 www.googletagservices.com googleads.g.doubleclick.net
www.glitterfy.com
4 dt.adsafeprotected.com googleads.g.doubleclick.net
4 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
4 ad.doubleclick.net www.glitterfy.com
4 www.googleadservices.com googleads.g.doubleclick.net
www.glitterfy.com
3 img10.glitterfy.com www.glitterfy.com
2 static.adsafeprotected.com googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net www.glitterfy.com
2 e.dlx.addthis.com 2 redirects
2 pm.w55c.net 2 redirects
2 fw.adsafeprotected.com 1 redirects www.glitterfy.com
2 m.exactag.com googleads.g.doubleclick.net
www.glitterfy.com
2 fonts.googleapis.com googleads.g.doubleclick.net
1 ius.ctnsnet.com 1 redirects
1 onetag-sys.com 1 redirects
1 x.bidswitch.net googleads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 scontent.xx.fbcdn.net www.facebook.com
1 www.facebook.com www.glitterfy.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.glitterfy.com
1 www.glitterfy.com
1 img41.glitterfy.com 1 redirects
240 34

This site contains links to these domains. Also see Links.

Domain
www.caption.it
www.blingify.com
www.binaryinertia.com
Subject Issuer Validity Valid
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-18 -
2023-12-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2023-04-03 -
2024-05-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 35 frames:

Primary Page: http://www.glitterfy.com/
Frame ID: CFC3B5BA88A2763EBC3F1CA0AD9E54F6
Requests: 22 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false
Frame ID: 6E95E516A7473AC38228D1740745802F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: 4DECD55683FA73641754CCB9D5CA423F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=250&slotname=3239167127&adk=3066568758&adf=3894016953&pi=t.ma~as.3239167127&w=300&lmt=1702217182&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&wgl=1&dt=1702217182040&bpp=167&bdt=268&idt=347&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=599539555482&frm=20&pv=2&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=428&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884%2C31080064&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Frame ID: 1F6640675DD9A977CB4B0BD055FDF2A9
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&adk=1812271804&adf=3025194257&lmt=1702217182&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1702217182231&bpp=2&bdt=460&idt=173&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3239167127&nras=1&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=181
Frame ID: 4FCDABB114A4E3956287A53BDBDB2D89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Frame ID: 790B803B96B03E07DB056C5C48F070F5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
Frame ID: E96E476D19227F14B254043A3AA73113
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 562B709D82266BDEA90357B995E9FF98
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 178BC2A7EC8195F60E958E1653DEA594
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: EBE53364B83857611C71A0BC4C22A219
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: DABB45A970FA32C00DB44E445D5C848A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhoPo4gEwAQ&v=APEucNXmNREzKVEnMwPzpqDiJvg8r4lLYS_3oV0pWZvmjLBysb_TYGFrHD9yuJt_SsI9FV2vUcLCqQ4HHYBr6eVKkfnFXDtQE-92Ct737RJ1zOD79p8mcROo2JAWisMvfi6lIpOT7-5niLndYKT9tQ0wm4NecIfGqqtZdkyz3EEKeppgbJLrA-0
Frame ID: 94A55B40289CDF0F40C21225A85DE1BD
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: BB8D61BCA5FF1C34EE53702C3F7B4FEA
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhoPo4gEwAQ&v=APEucNVb7Ats7bslLMKcfOg1J4vWjKZSyDiMDfu_1eUuEye2ClOgYPO8PWiuEeagNzw6-8F5GK4Mp1qW7DbRD02OY1ETkjSV7CAT90zVXBxAUUA_ih4Sh4uFTtP9JjUfQ40HhNFUNLk0bTJ_j4wR9rtjwdMSklIW0Z85iY7aZ5fvsvGunQ9tn8M
Frame ID: 046F0C8F21E8B377CB1650101121E5E3
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: F5E0AEC7C5DB46874C006EFE890DCDE6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8E9BC96245A5D6181E7A625E3E65FD97
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E3A875C237353827F2F6A8A9D8A762AE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1A7D41F4AB3AB38A82F61B7CB16FB26C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 98798478FB9A2E027AE668A3F7AD0F93
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=yhRZ4fwInR&t=1&renderingType=2&ev=01_250
Frame ID: 54178B7837CC56CC2A91FD371BD8C8F2
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 95E4C1B9E6554BBABBC510D22AB96985
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=0VQok0bkSs&t=1&renderingType=2&ev=01_250
Frame ID: 0C7AB2B0951782EC509A37C86D9DCF99
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0DB6E265BB8DCB9C5EC225C86A83C19A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNV-Xw3wM3B9-blC0G1MkLEzqTfrXQFpKRH8DlA0llH8MCpNdcxzjiqBYGLM2zFDy_-GI3hX9VKTb95GoxEjB0FGS-NCKgRQB96uAXXDD7tDmnUzE-Tx00qfrj6F6lrlvV2cDt_CUTlmGuRkND21WhM_WVcoZySfpPz0qC3qISHWXTb0q_Q
Frame ID: 59B6F8AEB3E5CA1832F93129F0C2384C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 2D35E3DBA877DDB92057271BE4D59572
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: D5C9706E8EB7BD0DFB2F44A3A6F052A7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: 7441CF260B0A04D8FFAB98AD3129CDB0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B74F50F616ACE0D8A81FD2D687B7B273
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DF2990E57C87A5F278C64C8C7E97D3DF
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
Frame ID: F1C670F3B6472CD8E6F642684DB85126
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 5880140A40272A54EE35895584693F6E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: CC9D60E7B4C17D1E538882EB29B26877
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7D998BEDE7A03606D2FDDDA5B3AA5DCB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63CCC9CF82694FFE31ADA07B4664A1B9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6C740F89333B2FBDAAB8009F519DE2CC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Glitterfy.com | Customize Glitter Graphics, Glitter Text, Glitter Photos, Flipbooks

Page URL History Show full URLs

  1. http://img41.glitterfy.com/ HTTP 302
    http://www.glitterfy.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

240
Requests

86 %
HTTPS

50 %
IPv6

24
Domains

34
Subdomains

26
IPs

5
Countries

3043 kB
Transfer

7904 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://img41.glitterfy.com/ HTTP 302
    http://www.glitterfy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • http://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false HTTP 307
  • https://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false
Request Chain 75
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cz3YV3sV1ZdWTG_GB1fAPusC7sA3tpcHVdJy3uIDdEdrZHhABIJ3y9gFglYKAgKAHoAHp9Iu_A8gBAqkCYi2If_cOsj6oAwHIA8kEqgTHAU_QFNNYsIfUGZ4tuTDTzWFnVNHTgPJVJzTYmCu8ya_vh_7XhmHeTQ9s8FB1GVHk7YveBNCzq3XuUWndw9TeKli6u685ReKknMokxn4NYSsFD7nFIZaMCQI-A5kFArV53eqFAQ-PDHxrunQBoHg-k4yoa7ttIIxQ6EksN3qUckSocKIC0hyo7cHqdGQthbp5W8g32I3E_BseYMp8amPbgHXtNHO-7Z_CrSP95FUeUcjQV11pL-deCtiS3dSrRiNyJqyxP1KL7xzABPW-ydf_A4gFsMfvvSmSBQQIBBgBkgUECAUYBKAGAoAHxaWDQqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKKBMNIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY99H1k4WFgwOaCdUBaHR0cHM6Ly93d3cub3ZoY2xvdWQuY29tL2RlL2JsYWNrLWZyaWRheS8_YXRfbWVkaXVtPWRpc3BsYXkmYXRfcGxhdGZvcm09Z29vZ2xlJmF0X2NhbXBhaWduPUFkV29yZHMmYXRfY3JlYXRpb249aW50X292aF9kZV9kaV9jbG91ZF9iYXJlbWV0YWxfb2ZmZW5zaXZlX2Fsd2F5c29uKGFkdmFuY2UpJmF0X3ZhcmlhbnQ9NjgxNzcxODc1MjMzJmF0X2RldGFpbF9wbGFjZW1lbnQ9gAoByAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLYEwrQFQGAFwGyFxwKGggAEhRwdWItNDc5Mjk3NjEyODM2ODIwMhgA&sigh=ZgbJk-U80NQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgDICaaNwGg_O_X13YFaMXfxf8MaicQ9sAcjuS_mLwiSj6sczVlDdAf878PICD0bS15Bad0CjuzRAW9sm7UTTOawqLoO0TnUC9HnslE5ThgB&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222103277114427804907%22,%22debug_reporting%22:true,%22destination%22:%22https://ovhcloud.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22937622121%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228300595123004513329%22}&andc=true
Request Chain 83
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBDCs3h1nrN3lWw1be_Qb4A&google_cver=1
Request Chain 84
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXXF31wrd1YRZQWxiMxZGQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELBFkYcKnT0fAvemRSanurA&google_cver=1
Request Chain 85
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDXfz_KMuScbffZ2c6di638&google_cver=1
Request Chain 86
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1NTk5ODEyNzQyMzQxMzgzNA%3D%3D
Request Chain 87
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELBFkYcKnT0fAvemRSanurA&google_cver=1
Request Chain 88
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXXF31wrd1YRZQWxiMxZGQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELBFkYcKnT0fAvemRSanurA&google_cver=1
Request Chain 89
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDXfz_KMuScbffZ2c6di638&google_cver=1
Request Chain 90
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1NTk5ODEyNzQyMzQxMzgzNA%3D%3D
Request Chain 92
  • https://googleads.g.doubleclick.net/pagead/adview?ai=COJcj3sV1ZfmPGpzG1fAPjOmIiAT8mqi2dMbS957oEZjU5buLDhABIJ3y9gFglYKAgKAHoAHW29r8AsgBCakCO6SzqUwwgT6oAwHIA0iqBNQBT9D_U2r1Fj0BpgQs2su_CX-ZI6k8OcUCkZiQSMTTUHWFZ8P6jqSeYhReMw4ZJ3Gkost1qPHubysRNScvPVpbWZ_Ctq6fxffOq0ILBEUkI8TicIu0_fpDXQU_9KDxezISdVQrDc-9ZU8tN-zCU-DExwzyd66-o2X8arCSM5PcTFyg48EPfobEBATc4AgRfbKALZ-q3Rx_zl8oqTEZZW1ZgDCuZkDGFDm4rbrdNXn3PKINgDaKIWtNZ3_EBrcE9RGV_BDH-jm68aoMGmDhgf8iYfUrJGLABKufsZfWBIgFr_vvik2SBQQIBBgBkgUECAUYBKAGLoAHp6qq9gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCfrhvSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WJXY9JOFhYMDmgkZaHR0cHM6Ly80a3pnYW1lLmNvbS9zaGFyZYAKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtgTDNAVAYAXAbIXHAoaCAASFHB1Yi00NzkyOTc2MTI4MzY4MjAyGAA&sigh=SXguQE8YwM8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNBrX6w5_CnTa0uXDoDzpZU18eDYaQi_djbfNRs9oVxbOVZThsjbZRiRKWBGK9C30-lWp4cKOVgAiureZ7Qpd9xhSA1tUramigY5EYAQ&template_id=419&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228386041287151305476%22,%22debug_reporting%22:true,%22destination%22:%22https://4kzgame.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223068127432202209105%22}&andc=true
Request Chain 112
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 152
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvjSoxfBMRo5kv4zwm6xQ0&google_cver=1
Request Chain 164
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXXF31wrd1YRZQWxiMxZGQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvjSoxfBMRo5kv4zwm6xQ0&google_cver=1
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPhSATi9WATKyDut9JZDol4&google_cver=1
Request Chain 166
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1NTk5ODEyNzQyMzQxMzgzNA%3D%3D
Request Chain 192
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOxc-Bi3O7iUR9kqY1Ox4gU&google_cver=1&google_push=AXcoOmT3UCJo6O0jiZrIDz5rwC8K-WzXd-9VEtGEkHdBr9jD_JZvwjCTADnJpx79w2eMkJ3AlIRAbGu2gS4MX6w-KX_ITSLR4m5AKIProl_PPYPnxcY4tdFys7JNDxJlEP_jTmv7OQEp-ZllOIX9LnM7mnsn3oM HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOxc-Bi3O7iUR9kqY1Ox4gU&google_cver=1&google_push=AXcoOmT3UCJo6O0jiZrIDz5rwC8K-WzXd-9VEtGEkHdBr9jD_JZvwjCTADnJpx79w2eMkJ3AlIRAbGu2gS4MX6w-KX_ITSLR4m5AKIProl_PPYPnxcY4tdFys7JNDxJlEP_jTmv7OQEp-ZllOIX9LnM7mnsn3oM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVNCdWpBRlMxUmNrclM1&google_gid=CAESEOxc-Bi3O7iUR9kqY1Ox4gU&google_cver=1&google_push=AXcoOmT3UCJo6O0jiZrIDz5rwC8K-WzXd-9VEtGEkHdBr9jD_JZvwjCTADnJpx79w2eMkJ3AlIRAbGu2gS4MX6w-KX_ITSLR4m5AKIProl_PPYPnxcY4tdFys7JNDxJlEP_jTmv7OQEp-ZllOIX9LnM7mnsn3oM
Request Chain 193
  • https://um.simpli.fi/gp_match?google_gid=CAESECu-dF0BUU5LzlKfw2PHTTY&google_cver=1&google_push=AXcoOmRjt8ntnyb-z71Rc7X2p8phV2d6oYEsL_JSM87d0uY3q_7_5y7OusjLcqaepXfyzKR6DS3I78p8BrmHmt7LVnskUGQw5pXxgyti_STGs3Ei_FHqTs2HITKnBcl2WJfK3ZatwKr_HMZzgvF1KDZY4eWYkg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD43D7CEF7F743889492A95C4CFC5DAC&google_push=AXcoOmRjt8ntnyb-z71Rc7X2p8phV2d6oYEsL_JSM87d0uY3q_7_5y7OusjLcqaepXfyzKR6DS3I78p8BrmHmt7LVnskUGQw5pXxgyti_STGs3Ei_FHqTs2HITKnBcl2WJfK3ZatwKr_HMZzgvF1KDZY4eWYkg
Request Chain 195
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSTeSMS2oHiIEXwuZi5cgUVI0tF-nujR7JgCa6e6Tefhxn9NxDdpZtfG9qpdax2pSiKYq3uFDLoYL2LGDPwtRVUbSpwC1hn4Bv7FwibZkA5D8iWKUriuEVuKbHh6z_yuHiIvJKsi4HyfqV3ljRRBfOlYoU&google_gid=CAESELG_ALxFP8aOP26E4k03iVo&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSTeSMS2oHiIEXwuZi5cgUVI0tF-nujR7JgCa6e6Tefhxn9NxDdpZtfG9qpdax2pSiKYq3uFDLoYL2LGDPwtRVUbSpwC1hn4Bv7FwibZkA5D8iWKUriuEVuKbHh6z_yuHiIvJKsi4HyfqV3ljRRBfOlYoU&google_gid=CAESELG_ALxFP8aOP26E4k03iVo&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMTAxNDA2MjQwMDAxMDQ4OTY5MjQ2Mg%3D%3D&google_push=AXcoOmSTeSMS2oHiIEXwuZi5cgUVI0tF-nujR7JgCa6e6Tefhxn9NxDdpZtfG9qpdax2pSiKYq3uFDLoYL2LGDPwtRVUbSpwC1hn4Bv7FwibZkA5D8iWKUriuEVuKbHh6z_yuHiIvJKsi4HyfqV3ljRRBfOlYoU
Request Chain 196
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELKV6jx1_yVPiko1yO43IaI&google_cver=1&google_push=AXcoOmRIK6j20w3_BCcP88khRrEa2VTgbw4He0Kz4u1D-lsAwlS7EXE3Kmy3Y8WIuBXEjnuTWU2Ed3zxzY4TaKRtrpBcgoSCWWdA0Bee8YdikvZYdUAjAKBDDqNzM6g9Btce3maKDCuqHqbHZ3Q1cb7gYo27icg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRIK6j20w3_BCcP88khRrEa2VTgbw4He0Kz4u1D-lsAwlS7EXE3Kmy3Y8WIuBXEjnuTWU2Ed3zxzY4TaKRtrpBcgoSCWWdA0Bee8YdikvZYdUAjAKBDDqNzM6g9Btce3maKDCuqHqbHZ3Q1cb7gYo27icg
Request Chain 197
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJaXKbxSxuQoRyqPOR9uPIc&google_cver=1&google_push=AXcoOmT09TWZUBIuQCrIPn29uU5LqkYFmLpHVVOMCcs3-BN-Ovv1PBksroGbe5SsuL4XbaBBPAs9rJDNOyEk7MoE1OSBAWvNdAwG4X5qkOHaihL23_5zsDR-agTTJG2gpZc14JlT2iFs9hzlVSmqhIfSj-Z4190s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT09TWZUBIuQCrIPn29uU5LqkYFmLpHVVOMCcs3-BN-Ovv1PBksroGbe5SsuL4XbaBBPAs9rJDNOyEk7MoE1OSBAWvNdAwG4X5qkOHaihL23_5zsDR-agTTJG2gpZc14JlT2iFs9hzlVSmqhIfSj-Z4190s&google_hm=PjgZEz50RhycdVeGPv5Yxoc
Request Chain 218
  • https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4792976128368202&ias_chanId=1&ias_placementId=20338656165&bidurl=http://www.glitterfy.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g-6j8wufwU56MSjqCDhgca&adContainerId=brand_safety_4MV1Zf-NEvzpx_APzZOb4Aw&cbFunctionName=goog_wrapCb_4MV1Zf-NEvzpx_APzZOb4Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=http%3A%2F%2Fwww.glitterfy.com&adsafe_type=g&adsafe_url=http%3A%2F%2Fwww.glitterfy.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4792976128368202%26output%3Dhtml%26h%3D90%26adk%3D2743202993%26adf%3D54630664%26pi%3Dt.aa~a.1182920990~rp.3%26w%3D1200%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1702217183%26rafmt%3D1%26to%3Dqs%26pwprc%3D6689048176%26format%3D1200x90%26url%3Dhttp%253A%252F%252Fwww.glitterfy.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26dt%3D1702217183235%26bpp%3D1%26bdt%3D1463%26idt%3D1%26shv%3Dr20231206%26mjsv%3Dm202312050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26prev_slotnames%3D3239167127%26nras%3D2%26correlator%3D599539555482%26frm%3D20%26pv%3D1%26ga_vid%3D2009953697.1702217182%26ga_sid%3D1702217182%26ga_hid%3D1733098342%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D200%26ady%3D1232%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079863%252C31079922%252C31079929%252C31079930%252C31080036%252C95320870%252C95320884%26oid%3D2%26pvsid%3D4080189183877251%26tmod%3D1974460385%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D23%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26dtd%3D6&adsafe_type=bed&adsafe_jsinfo=,id:a8f2abc2-5d10-3268-7cbd-a3839ef3e11f,c:wpgtfL,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765b799994-hv2g8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tY2RPIm+11%7C12%7C131%7C132%7C14%7C151*.990511-61634096%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1711%7C17121%7C1713%7C1811%7C181211%7C1813%7C191%7C192,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:20,oid:4dac1b89-9765-11ee-8244-023d1e4c8ab9,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_4MV1Zf-NEvzpx_APzZOb4Aw&cbFunctionName=goog_wrapCb_4MV1Zf-NEvzpx_APzZOb4Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

240 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.glitterfy.com/
Redirect Chain
  • http://img41.glitterfy.com/
  • http://www.glitterfy.com/
16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.glitterfy.com/
Protocol
HTTP/1.1
Server
208.71.34.181 Story City, United States, ASN36436 (INFOBUNKER, US),
Reverse DNS
host-71-34-181.infobunker.com
Software
Apache / PHP/5.3.3
Resource Hash
b029431e415fa0fd5d3fc2b2922c87bd5c1117c5b1e26effb776f5ada57f8610

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Length
4050
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Dec 2023 14:06:21 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
X-Powered-By
PHP/5.3.3

Redirect headers

Connection
close
Content-Encoding
gzip
Content-Length
20
Content-Type
text/html; charset=UTF-8
Date
Sun, 10 Dec 2023 14:06:21 GMT
Location
http://www.glitterfy.com/
Server
Apache
Vary
Accept-Encoding,User-Agent
X-Powered-By
PHP/5.3.3
js
www.googletagmanager.com/gtag/ 		225 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8E8VMT9JC3
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
acf9f64f4735b2996600dbb9b0ae1a7f8dd1215a7a76c5af5be834b05a1e147a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81402
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 10 Dec 2023 14:06:21 GMT
stylesheet-css.css
static.glitterfy.com/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://static.glitterfy.com/stylesheet-css.css
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
HTTP/1.1
Server
208.71.34.181 Story City, United States, ASN36436 (INFOBUNKER, US),
Reverse DNS
host-71-34-181.infobunker.com
Software
Apache /
Resource Hash
4fb496a58178a97960592ca91e3a7047455d40ea8e23d7cbf590449153c13fa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 14:06:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Feb 2011 13:41:33 GMT
Server
Apache
ETag
"322a783-1bb4-49d43b8a47d40"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
1782
Expires
Tue, 09 Jan 2024 14:06:21 GMT
glitterfy-logo.gif
static.glitterfy.com/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.glitterfy.com/glitterfy-logo.gif
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
HTTP/1.1
Server
208.71.34.181 Story City, United States, ASN36436 (INFOBUNKER, US),
Reverse DNS
host-71-34-181.infobunker.com
Software
Apache /
Resource Hash
71cc38ba08ec64d5375fed4518c59f51bc56ec70ed19b92792ee136477e1d385

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 14:06:21 GMT
Last-Modified
Sun, 11 Jan 2009 04:37:17 GMT
Server
Apache
ETag
"322a76e-2931-4602d8b7f1940"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
10545
Expires
Tue, 09 Jan 2024 14:06:21 GMT
glitterfy-photo_en.gif
static.glitterfy.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.glitterfy.com/images/glitterfy-photo_en.gif
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
HTTP/1.1
Server
208.71.34.181 Story City, United States, ASN36436 (INFOBUNKER, US),
Reverse DNS
host-71-34-181.infobunker.com
Software
Apache /
Resource Hash
6605864421b2d516943cc0ff66bb2f9087bfbe6076716fdd8b7a877083854371

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 14:06:21 GMT
Last-Modified
Mon, 08 Sep 2008 17:37:18 GMT
Server
Apache
ETag
"322a72b-172b-45665dee3cf80"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
5931
Expires
Tue, 09 Jan 2024 14:06:21 GMT
photo-flipbook_en.gif
static.glitterfy.com/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.glitterfy.com/images/photo-flipbook_en.gif
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
HTTP/1.1
Server
208.71.34.181 Story City, United States, ASN36436 (INFOBUNKER, US),
Reverse DNS
host-71-34-181.infobunker.com
Software
Apache /
Resource Hash
9ae3cd79c74c4a7cc38146cec0b0ceb8c0bf85fc25ab39b4a512e116446b9523

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 14:06:21 GMT
Last-Modified
Mon, 08 Sep 2008 04:17:58 GMT
Server
Apache
ETag
"322a727-2448-4565ab4404980"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
9288
Expires
Tue, 09 Jan 2024 14:06:21 GMT
glitterfy-words_en.gif
static.glitterfy.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.glitterfy.com/images/glitterfy-words_en.gif
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
HTTP/1.1
Server
208.71.34.181 Story City, United States, ASN36436 (INFOBUNKER, US),
Reverse DNS
host-71-34-181.infobunker.com
Software
Apache /
Resource Hash
0cfd99219dca577920fba9030fc5156d61229e09cfce16b55435ea87b4b45349

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 14:06:21 GMT
Last-Modified
Mon, 08 Sep 2008 17:46:39 GMT
Server
Apache
ETag
"322a726-1187-456660053fdc0"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
4487
Expires
Tue, 09 Jan 2024 14:06:21 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f2bdca79b568f2d17cd9a34402797d81a231f3a32dc6c082dfabab3940caba3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 14:06:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
3643019517805949128
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
10595
X-XSS-Protection
0
Expires
Sun, 10 Dec 2023 14:06:21 GMT
merry-scary-christmas.gif
img10.glitterfy.com/graphics/28/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img10.glitterfy.com/graphics/28/merry-scary-christmas.gif
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
HTTP/1.1
Server
208.71.34.181 Story City, United States, ASN36436 (INFOBUNKER, US),
Reverse DNS
host-71-34-181.infobunker.com
Software
Apache /
Resource Hash
0c9ebdda623d66e3b63cad5b6b6c5a60b48bb3973539cd57dd90ae1cc15102e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 14:06:21 GMT
Last-Modified
Mon, 29 Jan 2007 05:44:54 GMT
Server
Apache
ETag
"31e63f6-124ee-428276075a180"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
74990
Expires
Tue, 09 Jan 2024 14:06:21 GMT
Christmas_Santa.gif
img10.glitterfy.com/graphics/357/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img10.glitterfy.com/graphics/357/Christmas_Santa.gif
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
HTTP/1.1
Server
208.71.34.181 Story City, United States, ASN36436 (INFOBUNKER, US),
Reverse DNS
host-71-34-181.infobunker.com
Software
Apache /
Resource Hash
a56369a6e084213da00d4f02c2435140e9f7ba2aa4ff18d91cd75a897d5e944c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 14:06:21 GMT
Last-Modified
Sun, 23 Dec 2007 07:43:30 GMT
Server
Apache
ETag
"31e6819-15b7e-441ef448e2c80"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
88958
Expires
Tue, 09 Jan 2024 14:06:21 GMT
merry-christmas-bulbs.gif
img10.glitterfy.com/graphics/28/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img10.glitterfy.com/graphics/28/merry-christmas-bulbs.gif
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
HTTP/1.1
Server
208.71.34.181 Story City, United States, ASN36436 (INFOBUNKER, US),
Reverse DNS
host-71-34-181.infobunker.com
Software
Apache /
Resource Hash
ef0a5fee5e1c10d3257b4bbfce08d6e91791470cffa30a0c78ca01dc715c4799

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 14:06:21 GMT
Last-Modified
Mon, 29 Jan 2007 05:45:24 GMT
Server
Apache
ETag
"31e6430-d2b4-42827623f6500"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
53940
Expires
Tue, 09 Jan 2024 14:06:21 GMT
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-8E8VMT9JC3&gtm=45je3bt0v9133021965&_p=1702217181789&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2009953697.1702217182&ul=en-us&sr=1600x1200&_s=1&sid=1702217181&sct=1&seg=0&dl=http%3A%2F%2Fwww.glitterfy.com%2F&dt=Glitterfy.com%20%7C%20Customize%20Glitter%20Graphics%2C%20Glitter%20Text%2C%20Glitter%20Photos%2C%20Flipbooks&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=676
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8E8VMT9JC3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.glitterfy.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98f9646d7c1b15aa111349ddd8321297225cd092d94911434141043ad0b677aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51924
x-xss-protection
0
server
cafe
etag
10087301147841823284
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 14:06:22 GMT
likebox.php
www.facebook.com/plugins/ Frame 6E95
Redirect Chain
  • http://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false
  • https://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false
36 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b87ec13692b6226e23fbb9fd35bc2e81df04fba6e7ced92c527c8ce4a6da61ab
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.glitterfy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 14:06:22 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
cz9FYgRacCMRc+HvDg9Q9nO9t8UNtPP1rqCdIGBMRg61yDfTrUKEeinMq2suXRL9gTXpmrr3W5D/OjaCkRHbfA==
x-xss-protection
0

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false
Non-Authoritative-Reason
HSTS
purplegradient.gif
static.glitterfy.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.glitterfy.com/purplegradient.gif
Requested by
Host: static.glitterfy.com
URL: http://static.glitterfy.com/stylesheet-css.css
Protocol
HTTP/1.1
Server
208.71.34.181 Story City, United States, ASN36436 (INFOBUNKER, US),
Reverse DNS
host-71-34-181.infobunker.com
Software
Apache /
Resource Hash
3a0e5d65e8a848ddcce449abecc5fcd4e7df645bbec41b68a3c0b7ea59bad3e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://static.glitterfy.com/stylesheet-css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 14:06:22 GMT
Last-Modified
Tue, 20 Apr 2004 21:14:12 GMT
Server
Apache
ETag
"322a792-663-3d88628cef100"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
1635
Expires
Tue, 09 Jan 2024 14:06:22 GMT
search-btn.gif
static.glitterfy.com/images/ 		416 B
728 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.glitterfy.com/images/search-btn.gif
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
HTTP/1.1
Server
208.71.34.181 Story City, United States, ASN36436 (INFOBUNKER, US),
Reverse DNS
host-71-34-181.infobunker.com
Software
Apache /
Resource Hash
adece896da2a228817053c56326cebeb1f6782f9be5ffc8773d68c3fbed6201f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 14:06:22 GMT
Last-Modified
Sun, 29 Nov 2009 19:17:31 GMT
Server
Apache
ETag
"322a724-1a0-47987605b88c0"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
416
Expires
Tue, 09 Jan 2024 14:06:22 GMT
tableft8.gif
static.glitterfy.com/ 		680 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.glitterfy.com/tableft8.gif
Requested by
Host: static.glitterfy.com
URL: http://static.glitterfy.com/stylesheet-css.css
Protocol
HTTP/1.1
Server
208.71.34.181 Story City, United States, ASN36436 (INFOBUNKER, US),
Reverse DNS
host-71-34-181.infobunker.com
Software
Apache /
Resource Hash
523e148cabfafde32d666269cd9d9a3ecdf450c6e588c7d88401043045d4cf19

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://static.glitterfy.com/stylesheet-css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 14:06:22 GMT
Last-Modified
Fri, 25 May 2007 04:01:29 GMT
Server
Apache
ETag
"322a785-2a8-4314374345840"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
680
Expires
Tue, 09 Jan 2024 14:06:22 GMT
tabright8.gif
static.glitterfy.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.glitterfy.com/tabright8.gif
Requested by
Host: static.glitterfy.com
URL: http://static.glitterfy.com/stylesheet-css.css
Protocol
HTTP/1.1
Server
208.71.34.181 Story City, United States, ASN36436 (INFOBUNKER, US),
Reverse DNS
host-71-34-181.infobunker.com
Software
Apache /
Resource Hash
c971f4cdfa310443ad531d2eec2190a5414951a95fe3b8e63aaa78bd7440080c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://static.glitterfy.com/stylesheet-css.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Sun, 10 Dec 2023 14:06:22 GMT
Last-Modified
Fri, 25 May 2007 04:01:30 GMT
Server
Apache
ETag
"322a791-ffa-4314374439a80"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
close
Accept-Ranges
bytes
Content-Length
4090
Expires
Tue, 09 Jan 2024 14:06:22 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 		398 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=pub-4792976128368202&plah=www.glitterfy.com&bust=31080036
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7137feb23e6e5d9fded6b150649c4ba912dc15762a516c7fa8e424860732955c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137718
x-xss-protection
0
server
cafe
etag
17573711598465373611
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 14:06:22 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 4DEC 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.glitterfy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67092
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 19:28:10 GMT
etag
5585625838579639069
expires
Sat, 23 Dec 2023 19:28:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 6E95 		20 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 14:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xXCq6/qryia0kWXvm23HIA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5237
reporting-endpoints
x-fb-debug
7NNaJLVo0u/wqYd8VrV9Xtmv/o1nMyoOpKbHYKZpKSkODSpDHH3tMvuudtFs91kRESEvngmeTu4Bv7JOAx77aQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 30 Nov 2024 00:18:19 GMT
JS2LsxE-gw3.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 6E95 		354 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fd66f83ea75a1ccdd4953552363bc37a9cf055220f8d89a23ec8564c8d2ed2fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 14:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Veg+9swSo/ybchlTfP+avA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93749
reporting-endpoints
x-fb-debug
31AqwbCfTCTcudamxVEbPP3wlmGkMl1tZdWSd3g3s6dbiDwLJfN5z7OR3MFMePpkWdrAASkWtoX4AdJL7E8FGg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 01:12:18 GMT
tbb6w30TkDN.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 6E95 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HCL+u+2LMSrM7ELnarU2bQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2226
reporting-endpoints
x-fb-debug
0BDt7JO0vWBFPed7QzqcXlXqrAmvmDanmJcej3NDBt9V9N4YYDANFfG14ilZdhOKVGAyD06ByukQJn13WbgaGg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 09:00:13 GMT
YJcyY7izLGB.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 6E95 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/YJcyY7izLGB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qj5bFqqBeNQLu7uSNkxJ/A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27471
reporting-endpoints
x-fb-debug
LZKEFTG/KMW6AqPGIMj1aXD/yzxnY0nT5+Wk7OS7sNmJUBRm3X+lA5C1raPigu6doHOrCXoYNzI645yNFD0XCg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 22:18:56 GMT
Oqf9IHnbxLu.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 6E95 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/Oqf9IHnbxLu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2549ef26d7da0d8cc8844658a98b88520f80890bc8fba678e1c8860612c43ef7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 14:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9MINgIqN0461ojiNiqiKIw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16842
reporting-endpoints
x-fb-debug
Adt/oKpTolfIuDJp0K1OhS11TFMvoJokj4WNSNh/FK3CUZ8+yf82bdBK1rqLIuFgB7nKOe0BMg0usSp9Bq7pcA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 08 Dec 2024 17:32:21 GMT
KudK-WKp3ZH.js
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yx/l/de_DE/ Frame 6E95 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yx/l/de_DE/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3827a6dd36894e2178e76226f61a99f2099896b5d088e2a8db6c405402b4bcbd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 14:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mPl1TBwuoZqEeIwYXpaEUg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20134
reporting-endpoints
x-fb-debug
Esx9iKegfu4Xp3iVM3PWlBNqCg1QSsBlvH8kltoZB8tGDymTIi78tmnSNSh7zk8muLbz0yYnR3wzU+IIl8Srfw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 30 Nov 2024 23:20:19 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 6E95 		507 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Sun, 10 Dec 2023 14:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
joNYRypy6z7FF4kTux0cWa5sl7ftAPU4fMQBgQTspVOy+nAWinlq/sxDsr2sjncnTtXts0rlxY7sG5zMyrT7pg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 22:03:03 GMT
360104398_674282578071667_2146982271425735006_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 6E95 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t39.30808-1/360104398_674282578071667_2146982271425735006_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=104&ccb=1-7&_nc_sid=4da83f&_nc_ohc=HVPFYSHWMokAX_0iNQj&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfAXYRdEMrGREYk8Gj4ANoYx1MVu3rEQKlInhp7aS_zkLw&oe=6579E6BD
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?id=35490478965&width=200&height=55&stream=false&header=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d25a14bfcdb46dfc66a94e38969850f6de6c73bf914827934e906554e3fcda4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:22 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Thu, 13 Jul 2023 21:45:50 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3512721946
thrift_fmhk
GBBt2SgfEc5ztQMCwEjG0aAgFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3389826675
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1490
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 6E95 		573 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:22 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
9ygE433ch9ElZumkdZURtSlrH0filg00SWK+i/a1JKI/cmliD6+ewe8ewqaa64OreoPUqZlYKfzEQpvpl5kgFA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1,i
expires
Thu, 28 Nov 2024 00:04:42 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1F66 		127 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=250&slotname=3239167127&adk=3066568758&adf=3894016953&pi=t.ma~as.3239167127&w=300&lmt=1702217182&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&wgl=1&dt=1702217182040&bpp=167&bdt=268&idt=347&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=599539555482&frm=20&pv=2&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=428&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884%2C31080064&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=pub-4792976128368202&plah=www.glitterfy.com&bust=31080036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd710064255e57a54531cd8a8d999e23e1ec9001b17edb06805b99c6e359818f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.glitterfy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41465
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 14:06:23 GMT
expires
Sun, 10 Dec 2023 14:06:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4FCD 		645 KB
144 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&adk=1812271804&adf=3025194257&lmt=1702217182&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x1080_l%7C356x1080_r&format=0x0&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1702217182231&bpp=2&bdt=460&idt=173&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3239167127&nras=1&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=181
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=pub-4792976128368202&plah=www.glitterfy.com&bust=31080036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9752ed8055e73fcf4d17b1032c674cf410bcc317a7b230fec0845e5bf75c8828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.glitterfy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
147428
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 14:06:23 GMT
expires
Sun, 10 Dec 2023 14:06:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
e21910fd923a6283b5d44b2382eabc86.js
www.gstatic.com/mysidia/ Frame 1F66 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=250&slotname=3239167127&adk=3066568758&adf=3894016953&pi=t.ma~as.3239167127&w=300&lmt=1702217182&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&wgl=1&dt=1702217182040&bpp=167&bdt=268&idt=347&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=599539555482&frm=20&pv=2&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=428&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884%2C31080064&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 02:12:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
129262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4064
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 08 Mar 2024 02:12:01 GMT
f3d12415f986ed3504122551351bc1d0.js
www.gstatic.com/mysidia/ Frame 1F66 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=250&slotname=3239167127&adk=3066568758&adf=3894016953&pi=t.ma~as.3239167127&w=300&lmt=1702217182&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&wgl=1&dt=1702217182040&bpp=167&bdt=268&idt=347&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=599539555482&frm=20&pv=2&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=428&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884%2C31080064&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 06:43:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16637
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 08 Mar 2024 06:43:55 GMT
d500f8b303efba9f5ab695bab8da4c89.js
www.gstatic.com/mysidia/ Frame 1F66 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=250&slotname=3239167127&adk=3066568758&adf=3894016953&pi=t.ma~as.3239167127&w=300&lmt=1702217182&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&wgl=1&dt=1702217182040&bpp=167&bdt=268&idt=347&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=599539555482&frm=20&pv=2&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=428&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884%2C31080064&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:59:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8365
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 18:59:58 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1F66 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=250&slotname=3239167127&adk=3066568758&adf=3894016953&pi=t.ma~as.3239167127&w=300&lmt=1702217182&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&wgl=1&dt=1702217182040&bpp=167&bdt=268&idt=347&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=599539555482&frm=20&pv=2&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=428&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884%2C31080064&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
69071
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 18:55:12 GMT
92da1c8e4790a69c4d76e84ba2e3001c.js
www.gstatic.com/mysidia/ Frame 1F66 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/92da1c8e4790a69c4d76e84ba2e3001c.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=250&slotname=3239167127&adk=3066568758&adf=3894016953&pi=t.ma~as.3239167127&w=300&lmt=1702217182&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&wgl=1&dt=1702217182040&bpp=167&bdt=268&idt=347&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=599539555482&frm=20&pv=2&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=428&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884%2C31080064&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 03:42:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37457
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2259
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 09 Mar 2024 03:42:06 GMT
50459845d1cbd526a76ea757de42d266.js
www.gstatic.com/mysidia/ Frame 1F66 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/50459845d1cbd526a76ea757de42d266.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=250&slotname=3239167127&adk=3066568758&adf=3894016953&pi=t.ma~as.3239167127&w=300&lmt=1702217182&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&wgl=1&dt=1702217182040&bpp=167&bdt=268&idt=347&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=599539555482&frm=20&pv=2&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=428&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884%2C31080064&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:00:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
158747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9842
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 18:00:36 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 1F66 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=250&slotname=3239167127&adk=3066568758&adf=3894016953&pi=t.ma~as.3239167127&w=300&lmt=1702217182&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&wgl=1&dt=1702217182040&bpp=167&bdt=268&idt=347&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=599539555482&frm=20&pv=2&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=428&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884%2C31080064&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
69100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 18:54:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1F66 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=250&slotname=3239167127&adk=3066568758&adf=3894016953&pi=t.ma~as.3239167127&w=300&lmt=1702217182&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&wgl=1&dt=1702217182040&bpp=167&bdt=268&idt=347&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=599539555482&frm=20&pv=2&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=428&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884%2C31080064&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 10:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
13176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 10:26:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1F66 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=250&slotname=3239167127&adk=3066568758&adf=3894016953&pi=t.ma~as.3239167127&w=300&lmt=1702217182&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&wgl=1&dt=1702217182040&bpp=167&bdt=268&idt=347&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=599539555482&frm=20&pv=2&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=428&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884%2C31080064&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
62652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:42:11 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1F66 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=250&slotname=3239167127&adk=3066568758&adf=3894016953&pi=t.ma~as.3239167127&w=300&lmt=1702217182&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&wgl=1&dt=1702217182040&bpp=167&bdt=268&idt=347&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=599539555482&frm=20&pv=2&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=428&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884%2C31080064&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 14:06:23 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 1F66 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=250&slotname=3239167127&adk=3066568758&adf=3894016953&pi=t.ma~as.3239167127&w=300&lmt=1702217182&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&wgl=1&dt=1702217182040&bpp=167&bdt=268&idt=347&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=599539555482&frm=20&pv=2&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=428&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884%2C31080064&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 20:29:37 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/reactive_library_fy2021.js?bust=31080036
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=pub-4792976128368202&plah=www.glitterfy.com&bust=31080036
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8b622b85c9f40aa67a2795721d859ee6bd105052cb645adce501d3a1d9d5699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56003
x-xss-protection
0
server
cafe
etag
9728227299914130237
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 14:06:23 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 790B 		29 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=pub-4792976128368202&plah=www.glitterfy.com&bust=31080036
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a33ffed47ab9ac8e944de799f407aea8ad2beca0d9e522594e80fce7e0eff5ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.glitterfy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
12795
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 14:06:23 GMT
expires
Sun, 10 Dec 2023 14:06:23 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		214 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f3d12415f986ed3504122551351bc1d0.js?tag=html5_display_upload/html5_exit_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f905055ff017d4f4b271f2a74746a2018521642363f0ac250bd7cd153ed43d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
111729
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20631
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 07:04:14 GMT
expires
Sun, 08 Dec 2024 07:04:14 GMT
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
truncated
/ Frame 1F66 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c10408a906bafcc53dae6a31f3bc5b73b7eff11555bfa8da8f841dbf257d9e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E96E 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:29:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63403
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 10 Dec 2023 20:29:40 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame E96E 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
68343
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 10 Dec 2023 19:07:20 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 562B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=pub-4792976128368202&plah=www.glitterfy.com&bust=31080036
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.glitterfy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 20:29:38 GMT
etag
5585625838579639069
expires
Sat, 23 Dec 2023 20:29:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame 178B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=pub-4792976128368202&plah=www.glitterfy.com&bust=31080036
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.glitterfy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 20:29:38 GMT
etag
5585625838579639069
expires
Sat, 23 Dec 2023 20:29:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame EBE5 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=pub-4792976128368202&plah=www.glitterfy.com&bust=31080036
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.glitterfy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 20:29:38 GMT
etag
5585625838579639069
expires
Sat, 23 Dec 2023 20:29:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/ Frame DABB 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=pub-4792976128368202&plah=www.glitterfy.com&bust=31080036
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.glitterfy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 20:29:38 GMT
etag
5585625838579639069
expires
Sat, 23 Dec 2023 20:29:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F66 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoNCAEqCWZ1bGwtc2xvdAokGgxidW5kbGVSb3dLZXkqFDE0MDg1MjYwMDAyNDczNDkxMjMyCgoIAioGc2VydmVyCg0QKyEAAAAAAAAcQDAECg0QAyEAAABkZvqKQDAECg0QCiEAAAAA0Mz8PzAECg0QDSEAAAAAAAAAADAECg0QHioHMzAweDI1MDAECg0QGSoHMzAweDI1MDAECg0QDiEAAAAAMzMkQDAECg0QBCEAAABkZl6LQDAECg0QDyEAAAAAAJq5PzAECg0QKyEAAAAAAAA3QDAECg0QBSEAAAAAAGCLQDAEEhpDUG4yOUpPRmhZTURGUnhqRlFnZGpEUUNRUSIjaHRtbDVfZGlzcGxheV91cGxvYWQvaHRtbDVfZXhpdF9hcGkoPA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 562B 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Dec 2023 14:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Dec 2023 13:18:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Dec 2023 14:06:23 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 562B 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 13:28:20 GMT
x-content-type-options
nosniff
age
175083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 07 Dec 2024 13:28:20 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 562B 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 11:41:25 GMT
x-content-type-options
nosniff
age
181498
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 07 Dec 2024 11:41:25 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 562B 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:58:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
68882
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6784
x-xss-protection
0
server
cafe
etag
2582286893585073394
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 18:58:21 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 562B 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 12:33:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
5600
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9231
x-xss-protection
0
server
cafe
etag
9385233705467680479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 12:33:03 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 94A5 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhoPo4gEwAQ&v=APEucNXmNREzKVEnMwPzpqDiJvg8r4lLYS_3oV0pWZvmjLBysb_TYGFrHD9yuJt_SsI9FV2vUcLCqQ4HHYBr6eVKkfnFXDtQE-92Ct737RJ1zOD79p8mcROo2JAWisMvfi6lIpOT7-5niLndYKT9tQ0wm4NecIfGqqtZdkyz3EEKeppgbJLrA-0
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 14:06:23 GMT
expires
Sun, 10 Dec 2023 14:06:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame BB8D 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62639
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 20:42:24 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame BB8D 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
68294
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 19:08:09 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame BB8D 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:00:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
68783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 19:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame BB8D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
158475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame BB8D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 10:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
13176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 10:26:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame BB8D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
62652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:42:11 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BB8D 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 14:06:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB8D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B24ee3hDZt1mitQeagf4_jgzyMF1azNCUk8M6V7n5zQ1M67ZI2USoGDKqMiaZXZ9VrQm_MJz8c8gM3Q4uJeqOe5kAfCPV25D2-vo8FFWC3_mKYi_o
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 046F 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhoPo4gEwAQ&v=APEucNVb7Ats7bslLMKcfOg1J4vWjKZSyDiMDfu_1eUuEye2ClOgYPO8PWiuEeagNzw6-8F5GK4Mp1qW7DbRD02OY1ETkjSV7CAT90zVXBxAUUA_ih4Sh4uFTtP9JjUfQ40HhNFUNLk0bTJ_j4wR9rtjwdMSklIW0Z85iY7aZ5fvsvGunQ9tn8M
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 14:06:23 GMT
expires
Sun, 10 Dec 2023 14:06:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F5E0 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62639
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 20:42:24 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame F5E0 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:08:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
68294
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 19:08:09 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame F5E0 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:00:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
68783
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 19:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F5E0 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
158475
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 18:05:08 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F5E0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 10:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
13176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 10:26:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame F5E0 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
62652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:42:11 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F5E0 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 14:06:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F5E0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DNSXnxsOYhHWLV5JRW6MPgXlgHoHJbikihqHQ1Lbv-b3b8RmZtp4-U5rGZcik2qaRhDlNfltfbN81wtkmEJsXJotZtJVENAqRtik1pOUl1DtxRcFU
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame DABB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cz3YV3sV1ZdWTG_GB1fAPusC7sA3tpcHVdJy3uIDdEdrZHhABIJ3y9gFglYKAgKAHoAHp9Iu_A8gBAqkCYi2If_cOsj6oAwHIA8kEqgTHAU_QFNNYsIfUGZ4tuTDTzWFnVNHTgPJVJzTYmCu...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222103277114427804907%22,%22debug_reporting%22:true,%22destination%22:%22https://ovhcloud.com%22,%22event_report_window%22:%...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222103277114427804907%22,%22debug_reporting%22:true,%22destination%22:%22https://ovhcloud.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22937622121%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228300595123004513329%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:23 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"2103277114427804907","debug_reporting":true,"destination":"https://ovhcloud.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["937622121"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"8300595123004513329"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Dec 2023 14:06:23 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 10 Dec 2023 14:06:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2103277114427804907","debug_reporting":true,"destination":"https://ovhcloud.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["937622121"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"8300595123004513329"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame DABB 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
69100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 18:54:43 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8E9B 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 13:29:38 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame DABB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 10:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
13176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 10:26:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame DABB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
62652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:42:11 GMT
13308858016250091907
tpc.googlesyndication.com/simgad/ Frame DABB 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13308858016250091907?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkC4dHFpeWMdfpIQMvTidC3e8LcOA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
687a2825f9cfcdb71fd7f229707d8ca82469029090d98f557f05d60e62dfc38a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 12:46:04 GMT
x-content-type-options
nosniff
age
177619
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13664
x-xss-protection
0
last-modified
Tue, 21 Nov 2023 13:28:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 12:46:04 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DABB 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 14:06:23 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame DABB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:08:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
68264
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14788
x-xss-protection
0
server
cafe
etag
1899721059218863233
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 19:08:39 GMT
rum
dsum-sec.casalemedia.com/ Frame 94A5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBDCs3h1nrN3lWw1be_Qb4A&google_cver=1
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBDCs3h1nrN3lWw1be_Qb4A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhoPo4gEwAQ&v=APEucNXmNREzKVEnMwPzpqDiJvg8r4lLYS_3oV0pWZvmjLBysb_TYGFrHD9yuJt_SsI9FV2vUcLCqQ4HHYBr6eVKkfnFXDtQE-92Ct737RJ1zOD79p8mcROo2JAWisMvfi6lIpOT7-5niLndYKT9tQ0wm4NecIfGqqtZdkyz3EEKeppgbJLrA-0
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VHn6eSslP9WP8z1dxDZTYlOjzQwGhVw4H1CENQI268rd%2FUVkBHrzIpo6%2FQQFs2ucWPfN6ZQQ5uxu%2BcMh7JLsZTRvdLEGWeId2F6VLdQ1ci7%2FaXmOOYMQgrhKl2xlwzo5da%2B9F7dFE8lNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83360c562fa436e0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBDCs3h1nrN3lWw1be_Qb4A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 94A5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXXF31wrd1YRZQWxiMxZGQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELBFkYcKnT0fAvemRSanurA&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELBFkYcKnT0fAvemRSanurA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhoPo4gEwAQ&v=APEucNXmNREzKVEnMwPzpqDiJvg8r4lLYS_3oV0pWZvmjLBysb_TYGFrHD9yuJt_SsI9FV2vUcLCqQ4HHYBr6eVKkfnFXDtQE-92Ct737RJ1zOD79p8mcROo2JAWisMvfi6lIpOT7-5niLndYKT9tQ0wm4NecIfGqqtZdkyz3EEKeppgbJLrA-0
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aP7R21mRh3v%2Fy1iGoWuFXKLFlkN%2BFepFO4s6OC1FHGw8S4vHsbiNFZFOtrtjTGT%2FGh%2FWcy2OmXKEV2uoGBT97imha6XmKLbgZPiFd3thlRnHsKA%2FpOeAAfEx1ta%2FZm6kCgRqkoHayo1QnA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83360c56bdb19070-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELBFkYcKnT0fAvemRSanurA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 94A5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDXfz_KMuScbffZ2c6di638&google_cver=1
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDXfz_KMuScbffZ2c6di638&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhoPo4gEwAQ&v=APEucNXmNREzKVEnMwPzpqDiJvg8r4lLYS_3oV0pWZvmjLBysb_TYGFrHD9yuJt_SsI9FV2vUcLCqQ4HHYBr6eVKkfnFXDtQE-92Ct737RJ1zOD79p8mcROo2JAWisMvfi6lIpOT7-5niLndYKT9tQ0wm4NecIfGqqtZdkyz3EEKeppgbJLrA-0
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
an-x-request-uuid
ef280ae8-a43a-4809-8859-d9b2a18b603c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.135; 178.162.209.135; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDXfz_KMuScbffZ2c6di638&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 94A5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1NTk5ODEyNzQyMzQxMzgzNA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1NTk5ODEyNzQyMzQxMzgzNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhoPo4gEwAQ&v=APEucNXmNREzKVEnMwPzpqDiJvg8r4lLYS_3oV0pWZvmjLBysb_TYGFrHD9yuJt_SsI9FV2vUcLCqQ4HHYBr6eVKkfnFXDtQE-92Ct737RJ1zOD79p8mcROo2JAWisMvfi6lIpOT7-5niLndYKT9tQ0wm4NecIfGqqtZdkyz3EEKeppgbJLrA-0
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
an-x-request-uuid
b46d5ab4-e1d8-472a-b098-ef2fb03bd776
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1NTk5ODEyNzQyMzQxMzgzNA%3D%3D
x-proxy-origin
178.162.209.135; 178.162.209.135; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 046F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELBFkYcKnT0fAvemRSanurA&google_cver=1
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELBFkYcKnT0fAvemRSanurA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhoPo4gEwAQ&v=APEucNVb7Ats7bslLMKcfOg1J4vWjKZSyDiMDfu_1eUuEye2ClOgYPO8PWiuEeagNzw6-8F5GK4Mp1qW7DbRD02OY1ETkjSV7CAT90zVXBxAUUA_ih4Sh4uFTtP9JjUfQ40HhNFUNLk0bTJ_j4wR9rtjwdMSklIW0Z85iY7aZ5fvsvGunQ9tn8M
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2B19LKFsSkkkQEb0Ccursrqqy62MK5ZvQGdIXkyU6NROQ1hiXtl2NYggPDPuFwTiohTF%2BVXhKB1zgE6VF%2BQnEmflgMR6P9BLnE13nZTgzU4fr%2BigANJiX6JhLusmKTcky5IqAzMep8nRZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83360c562fa536e0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELBFkYcKnT0fAvemRSanurA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 046F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXXF31wrd1YRZQWxiMxZGQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELBFkYcKnT0fAvemRSanurA&google_cver=1
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELBFkYcKnT0fAvemRSanurA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhoPo4gEwAQ&v=APEucNVb7Ats7bslLMKcfOg1J4vWjKZSyDiMDfu_1eUuEye2ClOgYPO8PWiuEeagNzw6-8F5GK4Mp1qW7DbRD02OY1ETkjSV7CAT90zVXBxAUUA_ih4Sh4uFTtP9JjUfQ40HhNFUNLk0bTJ_j4wR9rtjwdMSklIW0Z85iY7aZ5fvsvGunQ9tn8M
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x1lKBzONC84L%2FX42MsUbl%2B1gDVJxCIQOpiPP%2BMghXNAx7HVqmzeP%2FmkAvEqSamp%2FLPhghFXyvQgj5cXkiNzG7P4jMLfinNDffuWENL6N9TanpamstdEy2KC0MsKFNl9aedwDWezegqZ7OA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83360c569d8a9070-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELBFkYcKnT0fAvemRSanurA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 046F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDXfz_KMuScbffZ2c6di638&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDXfz_KMuScbffZ2c6di638&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhoPo4gEwAQ&v=APEucNVb7Ats7bslLMKcfOg1J4vWjKZSyDiMDfu_1eUuEye2ClOgYPO8PWiuEeagNzw6-8F5GK4Mp1qW7DbRD02OY1ETkjSV7CAT90zVXBxAUUA_ih4Sh4uFTtP9JjUfQ40HhNFUNLk0bTJ_j4wR9rtjwdMSklIW0Z85iY7aZ5fvsvGunQ9tn8M
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
an-x-request-uuid
c1c15c8c-dfae-411d-b83c-debef2ec64a2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.135; 178.162.209.135; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDXfz_KMuScbffZ2c6di638&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 046F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1NTk5ODEyNzQyMzQxMzgzNA%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1NTk5ODEyNzQyMzQxMzgzNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYhoPo4gEwAQ&v=APEucNVb7Ats7bslLMKcfOg1J4vWjKZSyDiMDfu_1eUuEye2ClOgYPO8PWiuEeagNzw6-8F5GK4Mp1qW7DbRD02OY1ETkjSV7CAT90zVXBxAUUA_ih4Sh4uFTtP9JjUfQ40HhNFUNLk0bTJ_j4wR9rtjwdMSklIW0Z85iY7aZ5fvsvGunQ9tn8M
Protocol
H2
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
an-x-request-uuid
c452b589-965b-48d7-a568-27bc4b565ae3
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1NTk5ODEyNzQyMzQxMzgzNA%3D%3D
x-proxy-origin
178.162.209.135; 178.162.209.135; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222103277114427804907%22,%22debug_reporting%22:true,%22destination%22:%22https://ovhcloud.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22937622121%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228300595123004513329%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 10 Dec 2023 14:06:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 1F66
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=COJcj3sV1ZfmPGpzG1fAPjOmIiAT8mqi2dMbS957oEZjU5buLDhABIJ3y9gFglYKAgKAHoAHW29r8AsgBCakCO6SzqUwwgT6oAwHIA0iqBNQBT9D_U2r1Fj0BpgQs2su_CX-ZI6k8OcUCkZi...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228386041287151305476%22,%22debug_reporting%22:true,%22destination%22:%22https://4kzgame.com%22,%22event_report_window%22:%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228386041287151305476%22,%22debug_reporting%22:true,%22destination%22:%22https://4kzgame.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223068127432202209105%22}&andc=true
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:23 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"8386041287151305476","debug_reporting":true,"destination":"https://4kzgame.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["798404054"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"3068127432202209105"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 10 Dec 2023 14:06:23 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 10 Dec 2023 14:06:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8386041287151305476","debug_reporting":true,"destination":"https://4kzgame.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["798404054"],"4":["12-10"],"6":["true"]},"priority":"500","source_event_id":"3068127432202209105"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
css
fonts.googleapis.com/ Frame E3A8 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 10 Dec 2023 14:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 10 Dec 2023 13:13:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 10 Dec 2023 14:06:23 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E3A8 		2 KB
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
69071
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 18:55:12 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame E3A8 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 18:54:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
69100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 18:54:43 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1A7D 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2205
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 13:29:38 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E3A8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 10:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
13176
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 10:26:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame E3A8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
62652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:42:11 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame E3A8 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 14:06:23 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame E3A8 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 20:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 07 Mar 2024 20:29:37 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 9879 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=250&slotname=3239167127&adk=3066568758&adf=3894016953&pi=t.ma~as.3239167127&w=300&lmt=1702217182&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&wgl=1&dt=1702217182040&bpp=167&bdt=268&idt=347&shv=r20231206&mjsv=m202312050101&ptt=5&saldr=sd&abxe=1&correlator=599539555482&frm=20&pv=2&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=428&ady=442&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884%2C31080064&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:21:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
121487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 04:21:36 GMT
index.html
s0.2mdn.net/sadbundle/12943809228921786815/ Frame 5417 		1 KB
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=yhRZ4fwInR&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68b34a28617137221b76b93546359bf577aea1d6b3aadbd65b40e8bbdae7dd0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
739
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 14:06:23 GMT
expires
Mon, 09 Dec 2024 14:06:23 GMT
last-modified
Thu, 27 Apr 2023 13:46:02 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame BB8D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuiZetPDdLm8CD5rMibum1PfiCIwjZYBrORf5_Vv1zZOyOicPJ6mnHcuvoxs3GK37g8fRanikuLy1CLOvM2N6hxBPFKg1MvQa1I5PGOGPLLcGvK85BDiOZ63Z0Oixkwg_KfO6Imx3hO0o59wbHlQNZV4al3fxGNuKp4YDlCSOyphNxFFyaLulORf_eTTDq--WqwnVeyJsTghQ7-8VAC3keHVbH8E1eHRa1CF1z-G9LqkEq0bExmdInm6410Mzept_WwDSajppY32BoAX3TORoG31oDZ7hrMsGvvzyZU7H3igCr6sUSKMN1im32KstlnjEiuW17QKUd98lLDCIdq-Xdr6eV-0adpdnGMmegdqTDu_H0ozFtZ81RhasAUKljgWCE3h7PUO81ktIH68mx_7MxEZUJvdGY0dHqMP-Oi1A57b_qjnpCpuR9dmefQUs73snVeg_G86vp4iWFEEYkJu_cIv7z9bV40WrCjHZ2_D_3vdSnHLWUervxad12MNt4gb5IFR854DUTPrKNRuEK4-Ldz8GjHlmpoi784YJ0Nf4GPdidzACb-EVFf5dwkfWPGjam4iVKPwdEU__5NM1tPo2NeU4tsip6-GZ6BD3iizXWyU8nZusmpoTkO_B1AdrApB1tT88Ybdo5xEuIpO6hM4bQmxHE07CqBiuAWQupg6RV4bwcj_GvlMVMsiKxTeXgGUF_9jNTurQmNRfEnxc1yU7tY9AsS-EfioTESmzz6xoctpymGkWGPRzl6P9m9Ch2vtRDXPvr0lVvOnx-zSk9f2cd8J1MHBZp0aE3hkvB08P1Ui3qwlA2YpCNKnlj2u5YUxusCH9SCNp28KO19PdH9FOvH__Kz90zS9BMhuh9WD7ZnNDL2VwtogKhAayzjysKxnHYu8K1NlThctX5o1IBDjv1SeoVbwf2ltFTj90iM6UHHlPNFsNRPrma4d9URADb521c67ZveQcwcJV8uzLT0mwCzQZGveBRQZ60tyXamygcSW0IyeJ8pJDlFE_S187wAyMZO67RmfSQuMwchXFYWN8lMpVppXEWdyenfdVQXGHg96VqizhmvEyL4dlGnw6D6NB05fwCr22dzBCDd2taTc5SBJnt_wdKY3T5sbRXIRfw9tWhi4YT02n_kp7rls9rlrGW0vnpHigcawwXRwgKePRg7Y825chS7FtjGi6Hg_CZ-ttVTZ8NDNdKj6amJQ9OJhIJicn-x1tnGkthoedoTHURT_ELma7MZZYWhs7Xjc3Hp5Z5gDMvwQdckFsVy9J_AXIOj_HhtYCqmTyFQ72F9nd0iEYtGkg9B61K5mzRPxv8WKcNQSSZxE4mo0O_1-B8NVf5tVWS0xgkgHm8GdLKhgcR6ix75XA3oJ00iVrF0GYxykQdxeGUP_R8IzgAPjfForkrlEA&sai=AMfl-YRp-LYn60klAQKcRdHFdr7HJD7U5nfcYTVvtFUb-VUj_syhM7f4ImdqBLdrjnV7v0CryncWn1GDlBTX88E1L9l8o1jwLred9PD6peEVGaRrHxSp5-ZjyqmTuMKGgVupHuc1ooIDUTqI5kw20rUneov4g31eoR-tiZXqI-MMnX6Yn2yXvsujZ8wCkrepFHRp-tHw_htrGnKdcqKq5HOcfOFCX5D0YUnP32XOicwj8pMKOxBo2KxtrDg7GAesrG52_NHpjRy5zLocjKv3J_YyzLwAw1fwDOGhRv5CFw15sRk9tvtCyBgKcwuvV4br49sZP2SbZ-6_x3Ui9APOQqrU8E8S96BwUqntk7iXXdQm7QRmrHpF0fvgtSQM6SzTWL-ByY5KvQHHXMm_WPM-HmpsunVO3M6hdcXi3Rqz0FUTMFkCLENlIKJ6GdL0Vxnu8QhKCi4YvuHorzeBY86B5iHPZocIEwb_fyqPbs9o5p_b2z5yYPlU2R3jkYh5dG4x1-ClaLQ1JdI&sig=Cg0ArKJSzImmN4T2-e47EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=260&cbvp=1&cstd=250&cisv=r20231206.22093&arae=0&ftch=1&adurl=
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 10 Dec 2023 14:06:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ai.aspx
m.exactag.com/ Frame BB8D 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180662177&extPm=361198337&gdpr_consent=&gdpr=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.14.248.91 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Sun, 10 Dec 2023 14:06:23 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
So, 10 Dez 2023 02:06:23 GMT
X-ET-Code
11
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1119
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 95E4 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
123635
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 03:45:48 GMT
expires
Sun, 08 Dec 2024 03:45:48 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12943809228921786815/ Frame 0C7A 		1 KB
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=0VQok0bkSs&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68b34a28617137221b76b93546359bf577aea1d6b3aadbd65b40e8bbdae7dd0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
739
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 14:06:23 GMT
expires
Mon, 09 Dec 2024 14:06:23 GMT
last-modified
Thu, 27 Apr 2023 13:46:02 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame F5E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstaG4nrq2n8jrmY7QqOX3fzyykFxAcGenVd8rfPgTczBZMOo412zJxC33KsKNqzUQQ44iefzaSroMcRYktRQATOsDjBP8doPmcCUwoFx3ppT1JJ9sxNk2rjxWBftgZttfZpF4XT8wwHAVyunz5x0k1NJ7n0z7B1F5BpP7CB59xnokb95WqmbicpkCK1u0YEkoa2V5Utm3dThf4l3KgQ_aeSaH9_82NaqW_dXLl0jNTOYwuph9h01P0UmKAbd6-LaPR3OH1-ERSQVfvPqrofpIBKuN_Rbpj04LyIBSoJi3cZbywl3ZXX5CFEWAVsXcf4QEpc1d6WSsI0kJeeez_yGz_6JQ6i_-KnOMpQt0oZQkirh9QBuP1k4MSOpgDd8Q2BS2cHeylkWPKKIfp00M57-ozQtttjpDUkc4sedb5Z3SjImK_CsOp5-3n0U-nPLCJRI2M-1lDNmPZPOUUpjl0sgj4bJk2Qyv5-Gnh2bXZRA7k8aJzAwvaE6pZACDrqgTiYPlqcEgHHuBVTJHv2LbFSQBlqZQZY9m3N-Ub4aR3YEIxGcFyOin-du_CE6LdHKe247A1JX6OLnpPawmhDlDaYqTUnX7pO2BoM1rcBxcl9B4QXv4dbPoVbBoekxNegeu6F_kozsyMqFjdLmIPMWkRwA-xoSRKheBlrAzmfxNXL07EhzLnhdtDzbgnGJBFyE3f-CCQUCrc_etVxBJ6zIzO168TuJ5PbATg-GqNQDxgBYnnz0v01qA3s_TX9TVvdTWdQySaRLq5YOLrFKAps7eEwV5xEThIEE7tSM8BxarArNKkbBifN4-_AXQaMc6PRep1fzlORNIE1Kz9p47HIP2X5naNCdPcczFCKRZt0-UQJUd47pD9nVflHc_QBQyzzNFsvCHZYqD-eYhT9ZjpII_FZ0Gu64dqXSLtXcz_ngR4xy543P8TnhJUICo3Sa5eeYTmD9IHUTIxp2D0iJ48OXJ3ivxsctskJkCLJZ8uKibjc7CCgDvDpxdv7o5snTqXeohwreSZ25YevTrrKZUEgqVB4gCTTvYwyQYRuKGNS0Qvs_UOvgNaZiOt99WdmvKu4-rfPhSSs7VQbSeo6RL-sQY3oJyJhersVEeJG5LLyrl4U_42MwgFHX2jiScoUnpK3vkbFpJOhwU4xfB4aNZqQKJJgrUlKuXzOtIDbHKH4kxYwSgG5325o4o2Di2qVb4F3FX4dpxtTzTfWC3uEsHwZeKDLgiq15YMhr7NsW4KrHjSM4tfIkDh3sgEd7Y4_5YIwa1cCHX1LHWoPc-_Z5FIAYON_CmM7W-w0V29rtYGV0tUHdxETLSuxMMrDqGjg9VJ-PG4l9H6hMpxsqI1NkzOWpQhsnoIwWNOjjyXzVsnfceX0Dny-cs7_bunVXK_-JDZw9jRiTPb5BQ&sai=AMfl-YRqhMZ_k4pugBG57qi0xNzxBCYWMyREI05uTnonjeEEzroP7Rcu7ZPyk8BkGzVdabU8cTkEpM8vxfhrZtbXkbKfkBNEA_je_1aThf1KId4_p8iyOiuqyIdENaTj66yAZoKnqK8PezjhZ9SCMTHVkhmnZXblYunQ4ie4QOCz488RS1SLfqXFk2V2VEX6mLAI_MrTBhfZ_C9ExM-_iYZ_mwzbEULZb1Eg6VekHq4YbeurudVA_3f8ZZ54So4y4SePh8U0lgB3b6L_OnraPkbVdDKjQiD19D_YMM4dEQDbvhu86f9yl3PnuibsnUWQ0C-VVeKrInYQJoYtO-nHvqiJ7II5mDX_Q0oaCSqiQ5liOMFefmRDaWfnLBiM_yUDtxH0jPes4CcnreTF3HojZa1lcnskcxuyCBGyBiN6U8lHxs7CRfNPAKkP79393aftx3Nr5oYWomc6ermMO7u7qiSCYVgucvYvsS5qBKf4VUoNbIP9Ev8YZ7OAXT77o5yv6qVXoy032K0&sig=Cg0ArKJSzOqx0yxIq_AsEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=261&cbvp=1&cstd=254&cisv=r20231206.42042&arae=0&ftch=1&adurl=
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 10 Dec 2023 14:06:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ai.aspx
m.exactag.com/ Frame F5E0 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180662177&extPm=361198337&gdpr_consent=&gdpr=
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.14.248.91 Neukirchen-Vluyn, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Sun, 10 Dec 2023 14:06:23 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
So, 10 Dez 2023 02:06:23 GMT
X-ET-Code
11
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://googleads.g.doubleclick.net
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1119
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F66 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoNCAEqCWZ1bGwtc2xvdAokGgxidW5kbGVSb3dLZXkqFDE0MDg1MjYwMDAyNDczNDkxMjMyCgoIAioGc2VydmVyCg0QECEAAAAAoGTkQDAECg0QESEAAAAA8CL1QDAECg0QEiEAAAAAAAAiQDAECg0QEyEAAAAAAAAQQDAECg0QFyEAAACamb-SQDAECg0QFCEAAAAAID_6QDAECg0QFSEAAAAAAAAoQDAECg0QFiEAAAAAAAAYQDAECg0QGCEAAABmZqaTQDAECg0QMiEAAAAAIDPTPzAECg0QMyEAAAAAIDPTPzAECg0QNCEAAAAAIDPTPzAECg0QNSEAAAAAIDPTPzAECg0QNiEAAAAAIDPTPzAECg0QNyEAAAAAIDPTPzAECg0QOCEAAAAAAAD4PzAECg0QOSEAAADMzOSGQDAECg0QOiEAAACYmT2HQDAECg0QOyEAAABmZraSQDAECg0QPCEAAABmZraSQDAECg0QPSEAAABmZsCSQDAECg0QPiEAAABmZoiTQDAECg0QPyEAAABmZoiTQDAECg0QQCEAAABmZqiTQDAEEhpDUG4yOUpPRmhZTURGUnhqRlFnZGpEUUNRUSIjaHRtbDVfZGlzcGxheV91cGxvYWQvaHRtbDVfZXhpdF9hcGkoPA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d500f8b303efba9f5ab695bab8da4c89.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228386041287151305476%22,%22debug_reporting%22:true,%22destination%22:%22https://4kzgame.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%224%22:[%2212-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223068127432202209105%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 10 Dec 2023 14:06:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0DB6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
123635
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 03:45:48 GMT
expires
Sun, 08 Dec 2024 03:45:48 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8E9B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 14:06:23 GMT
expires
Sun, 10 Dec 2023 14:06:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 14:06:23 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DABB 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0a263ac7fff7dd63f407fe98f6f80f2ab4bb56cf8492ab2041af142fa31419e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5417 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=yhRZ4fwInR&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=yhRZ4fwInR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:06:23 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 5417 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=yhRZ4fwInR&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=yhRZ4fwInR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 04:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Dec 2023 04:12:33 GMT
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0C7A 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=0VQok0bkSs&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=0VQok0bkSs&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:06:23 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 0C7A 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=0VQok0bkSs&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=0VQok0bkSs&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 04:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 11 Dec 2023 04:12:33 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame E96E 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:21:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
121487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 04:21:36 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/logo.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1e5834e2c78be1669fa3143514b62754743b90577727c81e2ec2494fee93016
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 14:56:41 GMT
x-content-type-options
nosniff
age
169782
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39987
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 14:56:41 GMT
___52_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___52_2.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f9cb9696f28653fb77b90883be06d3ad4258f86c2e333da96799ea9481129c5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 19:55:52 GMT
x-content-type-options
nosniff
age
151831
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6648
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 19:55:52 GMT
___50_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___50_1.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ae633a075b2645d916a9e3d096c5dae1e27f1416324202a8e194824edb86248
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 20:35:46 GMT
x-content-type-options
nosniff
age
149437
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6380
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 20:35:46 GMT
___49_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___49_2.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ac6e5508ce181a3db110c6e77dc1bfdd3f474c775dc5949388978c98b9fba6b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 20:35:46 GMT
x-content-type-options
nosniff
age
149437
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6806
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 20:35:46 GMT
___48_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___48_2.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd4e3ce62b5ffa50931f64771cefd93634cf7f8524bcbfeee074020412acd4ce
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 20:35:46 GMT
x-content-type-options
nosniff
age
149437
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6580
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 20:35:46 GMT
___40_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___40_2.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a29caae86cdeebdf24dcc1e1e7fd3e0ac49a39d6aac2b0ec954df4e4393ba26d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 20:35:46 GMT
x-content-type-options
nosniff
age
149437
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6477
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 20:35:46 GMT
___38_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___38_2.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4deb89f60d01ce4790cd5250718d89242a2660499cf729db3b02f0eb4fc196f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 21:41:03 GMT
x-content-type-options
nosniff
age
145520
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6809
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 21:41:03 GMT
___37_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___37_2.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e27f5443e8afa3d35f4cc01bb8403d6c6d29c223d107b7e5c4cd624dd6a2bfcb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 09 Dec 2023 11:58:50 GMT
x-content-type-options
nosniff
age
94053
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5512
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 11:58:50 GMT
___18.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___18.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3799335d46afe3a4a6257d5f1a0a3b88d9ed6cda9752eee2c1286443d2783c46
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 20:50:15 GMT
x-content-type-options
nosniff
age
148568
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2741
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 20:50:15 GMT
___14.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___14.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82cb2c78bba5ade94dadd2f5df506244a570313c5662459ba36d1bb5cd26ec58
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 20:35:46 GMT
x-content-type-options
nosniff
age
149437
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6857
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 20:35:46 GMT
___15.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___15.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aaf8461689700c96cc1d2dd9a7ba5318c3f2616f7deb3d5a58683c6e5f7a8254
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 17:02:03 GMT
x-content-type-options
nosniff
age
162260
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 17:02:03 GMT
___17.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___17.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e59882c1b483ce8a0b00b2812d4893de8aa45b158e3c1bafeffc38e42ee80184
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 08:51:06 GMT
x-content-type-options
nosniff
age
191717
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6038
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 08:51:06 GMT
___22.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___22.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed43871964ee6ab05f6c19dcb9684e40f25d227b4ca0b480d7dc5e57be474c7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 20:35:46 GMT
x-content-type-options
nosniff
age
149437
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6648
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 20:35:46 GMT
___21.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___21.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54d579ca1e1c51d84ba472317ad7a1d8dec4bd81dd11c8f091673208eda76d91
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 09 Dec 2023 07:04:14 GMT
x-content-type-options
nosniff
age
111729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7003
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 07:04:14 GMT
___19.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___19.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
beca446f73ac99cf23a4c81064e18874e335a68aa7d00fbfaca6e6a2cc6b315b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 09 Dec 2023 07:04:14 GMT
x-content-type-options
nosniff
age
111729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5824
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 07:04:14 GMT
___13.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___13.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
733174db60b2c988f15f6e39637535006b0157b0089e255d3eb573e69bab7261
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 14:19:56 GMT
x-content-type-options
nosniff
age
171987
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5918
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 14:19:56 GMT
___11.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___11.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62cad4de639c95854624e4e7565b97997a2a2d05e6abaea624823e7934f024d8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 09 Dec 2023 07:04:14 GMT
x-content-type-options
nosniff
age
111729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5444
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 07:04:14 GMT
___23.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___23.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83bcc5059495915aa7834612883991c05223d1dce9013d537e2c89e1b22590c2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 04:19:46 GMT
x-content-type-options
nosniff
age
207997
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6471
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 04:19:46 GMT
___24.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___24.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2814b08ced0ea2b76fbb225e71e4188fcac2d65b307882cc6a759ea0dee024f8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 09 Dec 2023 07:04:14 GMT
x-content-type-options
nosniff
age
111729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6532
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 07:04:14 GMT
___1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___1.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d5cc5e645ead9cbc3e2e135275ce97f89089196e082b4e4f9a99d4613f7294b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 09 Dec 2023 07:04:14 GMT
x-content-type-options
nosniff
age
111729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6270
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 07:04:14 GMT
___7.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___7.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59306218ecf46ddfc2a080addf969e55c734cca0c455c8881f9e2b5a7bcda2ac
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 09 Dec 2023 07:04:14 GMT
x-content-type-options
nosniff
age
111729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6673
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 07:04:14 GMT
___6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___6.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3f0d2d853d02738e53dd88e7065c20330ac81ac41cbf61a87f2339861b44a2d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 09 Dec 2023 07:04:14 GMT
x-content-type-options
nosniff
age
111729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6574
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 07:04:14 GMT
___30.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___30.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
446161f914ac33a89df2629d97389a6195ba120ec3f6c37e8dc8e522bb310c5d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 09 Dec 2023 07:04:14 GMT
x-content-type-options
nosniff
age
111729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6417
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 07:04:14 GMT
___4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___4.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b3e7d19bdcba39646b4783327242dede188f74a79c149005f6a97b065ebf2ff
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 16:24:54 GMT
x-content-type-options
nosniff
age
164489
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6241
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 16:24:54 GMT
___9.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___9.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
402979a6bf4f2c266c7cbf1d3ebbdaa9d265a4fd6d798e3985cfa962111ac8ed
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 20:50:15 GMT
x-content-type-options
nosniff
age
148568
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6352
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 20:50:15 GMT
___8.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___8.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e7a04d3db9002eaf0494ec925f259661b001d11604758c546b36e2dc262d199
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 07 Dec 2023 19:17:59 GMT
x-content-type-options
nosniff
age
240504
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5056
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Dec 2024 19:17:59 GMT
___2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___2.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e99683262e578e5c6904c02be62aab50a00f852c8712432aa0a68946f4caccc1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 14:19:56 GMT
x-content-type-options
nosniff
age
171987
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6259
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 14:19:56 GMT
___52_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___52_1.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f9cb9696f28653fb77b90883be06d3ad4258f86c2e333da96799ea9481129c5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 19:55:52 GMT
x-content-type-options
nosniff
age
151831
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6648
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 19:55:52 GMT
___49_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___49_1.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ac6e5508ce181a3db110c6e77dc1bfdd3f474c775dc5949388978c98b9fba6b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 09 Dec 2023 08:55:20 GMT
x-content-type-options
nosniff
age
105063
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6806
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 08:55:20 GMT
___48_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___48_1.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd4e3ce62b5ffa50931f64771cefd93634cf7f8524bcbfeee074020412acd4ce
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 04:19:46 GMT
x-content-type-options
nosniff
age
207997
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6580
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 04:19:46 GMT
___40_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___40_1.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a29caae86cdeebdf24dcc1e1e7fd3e0ac49a39d6aac2b0ec954df4e4393ba26d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 09 Dec 2023 11:10:40 GMT
x-content-type-options
nosniff
age
96943
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6477
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 11:10:40 GMT
___38_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___38_1.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4deb89f60d01ce4790cd5250718d89242a2660499cf729db3b02f0eb4fc196f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 09 Dec 2023 17:08:49 GMT
x-content-type-options
nosniff
age
75454
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6809
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Dec 2024 17:08:49 GMT
___37_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/ Frame E96E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/___37_1.png
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e27f5443e8afa3d35f4cc01bb8403d6c6d29c223d107b7e5c4cd624dd6a2bfcb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14085260002473491232/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 08 Dec 2023 19:55:52 GMT
x-content-type-options
nosniff
age
151831
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5512
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 10:35:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 07 Dec 2024 19:55:52 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1A7D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 14:06:24 GMT
expires
Sun, 10 Dec 2023 14:06:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 14:06:24 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 95E4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 09:21:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
17080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Dec 2024 09:21:44 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 59B6 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNV-Xw3wM3B9-blC0G1MkLEzqTfrXQFpKRH8DlA0llH8MCpNdcxzjiqBYGLM2zFDy_-GI3hX9VKTb95GoxEjB0FGS-NCKgRQB96uAXXDD7tDmnUzE-Tx00qfrj6F6lrlvV2cDt_CUTlmGuRkND21WhM_WVcoZySfpPz0qC3qISHWXTb0q_Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 14:06:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2D35 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 10 Dec 2023 14:06:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 2D35 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 10:26:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
13177
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 10:26:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 2D35 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
62653
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 20:42:11 GMT
l
www.google.com/ads/measurement/ Frame 2D35 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFuEIvvuphrx1f_vS0JKu-WvzsOQyaE1cefC8TXdggsp0_E6mXS67YwXT-KH7isLz_B3pAxVuwo3QwfdB5MfuP5L_QZw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2D35 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 10 Dec 2023 14:06:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D35 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DSxf8XdONIPfD3ODB939R6o05SDdPj_gWCDPyLY6saKVu2JWqgZl8vbEFvUsj2C_bvH2J2YT-A5n-dT28Ez3cMt-SujvBxedGq7LP7vcpEkk9-D78
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 0DB6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 09:21:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
17080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Dec 2024 09:21:44 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame D5C9 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:21:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
121488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 04:21:36 GMT
rum
dsum-sec.casalemedia.com/ Frame 59B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvjSoxfBMRo5kv4zwm6xQ0&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvjSoxfBMRo5kv4zwm6xQ0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNV-Xw3wM3B9-blC0G1MkLEzqTfrXQFpKRH8DlA0llH8MCpNdcxzjiqBYGLM2zFDy_-GI3hX9VKTb95GoxEjB0FGS-NCKgRQB96uAXXDD7tDmnUzE-Tx00qfrj6F6lrlvV2cDt_CUTlmGuRkND21WhM_WVcoZySfpPz0qC3qISHWXTb0q_Q
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89rXsfmLz%2FsZmaRZsm%2FwDy19rSSYIWnwclwZ2t%2BjAdX%2F1EH5JTr3P7xKi3ZXTXfRH5uO29H2gfGKO8Ex0fVjFVf55eyIyPETtQmIhL87jKsaZqxK64JCmAccsiJNhVXPBIgN6HjUHr8rXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83360c5938389070-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvjSoxfBMRo5kv4zwm6xQ0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 59B6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXXF31wrd1YRZQWxiMxZGQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvjSoxfBMRo5kv4zwm6xQ0&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvjSoxfBMRo5kv4zwm6xQ0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNV-Xw3wM3B9-blC0G1MkLEzqTfrXQFpKRH8DlA0llH8MCpNdcxzjiqBYGLM2zFDy_-GI3hX9VKTb95GoxEjB0FGS-NCKgRQB96uAXXDD7tDmnUzE-Tx00qfrj6F6lrlvV2cDt_CUTlmGuRkND21WhM_WVcoZySfpPz0qC3qISHWXTb0q_Q
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gg86heedQnJZUPm2LX0v1TmbX%2FdZvpVXipTLjx33VCzRqArEcEKcrNzAoUOx9vJNkRDHAiPto8D9%2F%2Fxlv%2FXy9lfdH3U4eaXSUHW%2BNPOAv7gTAoeDP3Ff%2FwxsK8xVPEjObtE4FHLc5p2iRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83360c59787b9070-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBvjSoxfBMRo5kv4zwm6xQ0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 59B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPhSATi9WATKyDut9JZDol4&google_cver=1
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPhSATi9WATKyDut9JZDol4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNV-Xw3wM3B9-blC0G1MkLEzqTfrXQFpKRH8DlA0llH8MCpNdcxzjiqBYGLM2zFDy_-GI3hX9VKTb95GoxEjB0FGS-NCKgRQB96uAXXDD7tDmnUzE-Tx00qfrj6F6lrlvV2cDt_CUTlmGuRkND21WhM_WVcoZySfpPz0qC3qISHWXTb0q_Q
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
an-x-request-uuid
08df654b-8281-47a6-ba5a-42ec8414fb07
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.135; 178.162.209.135; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPhSATi9WATKyDut9JZDol4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 59B6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1NTk5ODEyNzQyMzQxMzgzNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1NTk5ODEyNzQyMzQxMzgzNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY1O7NxQEwAQ&v=APEucNV-Xw3wM3B9-blC0G1MkLEzqTfrXQFpKRH8DlA0llH8MCpNdcxzjiqBYGLM2zFDy_-GI3hX9VKTb95GoxEjB0FGS-NCKgRQB96uAXXDD7tDmnUzE-Tx00qfrj6F6lrlvV2cDt_CUTlmGuRkND21WhM_WVcoZySfpPz0qC3qISHWXTb0q_Q
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
an-x-request-uuid
d6170146-ee86-42c0-9b7a-58ca3687ef38
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU1NTk5ODEyNzQyMzQxMzgzNA%3D%3D
x-proxy-origin
178.162.209.135; 178.162.209.135; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
ad.doubleclick.net/pcs/ Frame BB8D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsuiZetPDdLm8CD5rMibum1PfiCIwjZYBrORf5_Vv1zZOyOicPJ6mnHcuvoxs3GK37g8fRanikuLy1CLOvM2N6hxBPFKg1MvQa1I5PGOGPLLcGvK85BDiOZ63Z0Oixkwg_KfO6Imx3hO0o59wbHlQNZV4al3fxGNuKp4YDlCSOyphNxFFyaLulORf_eTTDq--WqwnVeyJsTghQ7-8VAC3keHVbH8E1eHRa1CF1z-G9LqkEq0bExmdInm6410Mzept_WwDSajppY32BoAX3TORoG31oDZ7hrMsGvvzyZU7H3igCr6sUSKMN1im32KstlnjEiuW17QKUd98lLDCIdq-Xdr6eV-0adpdnGMmegdqTDu_H0ozFtZ81RhasAUKljgWCE3h7PUO81ktIH68mx_7MxEZUJvdGY0dHqMP-Oi1A57b_qjnpCpuR9dmefQUs73snVeg_G86vp4iWFEEYkJu_cIv7z9bV40WrCjHZ2_D_3vdSnHLWUervxad12MNt4gb5IFR854DUTPrKNRuEK4-Ldz8GjHlmpoi784YJ0Nf4GPdidzACb-EVFf5dwkfWPGjam4iVKPwdEU__5NM1tPo2NeU4tsip6-GZ6BD3iizXWyU8nZusmpoTkO_B1AdrApB1tT88Ybdo5xEuIpO6hM4bQmxHE07CqBiuAWQupg6RV4bwcj_GvlMVMsiKxTeXgGUF_9jNTurQmNRfEnxc1yU7tY9AsS-EfioTESmzz6xoctpymGkWGPRzl6P9m9Ch2vtRDXPvr0lVvOnx-zSk9f2cd8J1MHBZp0aE3hkvB08P1Ui3qwlA2YpCNKnlj2u5YUxusCH9SCNp28KO19PdH9FOvH__Kz90zS9BMhuh9WD7ZnNDL2VwtogKhAayzjysKxnHYu8K1NlThctX5o1IBDjv1SeoVbwf2ltFTj90iM6UHHlPNFsNRPrma4d9URADb521c67ZveQcwcJV8uzLT0mwCzQZGveBRQZ60tyXamygcSW0IyeJ8pJDlFE_S187wAyMZO67RmfSQuMwchXFYWN8lMpVppXEWdyenfdVQXGHg96VqizhmvEyL4dlGnw6D6NB05fwCr22dzBCDd2taTc5SBJnt_wdKY3T5sbRXIRfw9tWhi4YT02n_kp7rls9rlrGW0vnpHigcawwXRwgKePRg7Y825chS7FtjGi6Hg_CZ-ttVTZ8NDNdKj6amJQ9OJhIJicn-x1tnGkthoedoTHURT_ELma7MZZYWhs7Xjc3Hp5Z5gDMvwQdckFsVy9J_AXIOj_HhtYCqmTyFQ72F9nd0iEYtGkg9B61K5mzRPxv8WKcNQSSZxE4mo0O_1-B8NVf5tVWS0xgkgHm8GdLKhgcR6ix75XA3oJ00iVrF0GYxykQdxeGUP_R8IzgAPjfForkrlEA&sai=AMfl-YRp-LYn60klAQKcRdHFdr7HJD7U5nfcYTVvtFUb-VUj_syhM7f4ImdqBLdrjnV7v0CryncWn1GDlBTX88E1L9l8o1jwLred9PD6peEVGaRrHxSp5-ZjyqmTuMKGgVupHuc1ooIDUTqI5kw20rUneov4g31eoR-tiZXqI-MMnX6Yn2yXvsujZ8wCkrepFHRp-tHw_htrGnKdcqKq5HOcfOFCX5D0YUnP32XOicwj8pMKOxBo2KxtrDg7GAesrG52_NHpjRy5zLocjKv3J_YyzLwAw1fwDOGhRv5CFw15sRk9tvtCyBgKcwuvV4br49sZP2SbZ-6_x3Ui9APOQqrU8E8S96BwUqntk7iXXdQm7QRmrHpF0fvgtSQM6SzTWL-ByY5KvQHHXMm_WPM-HmpsunVO3M6hdcXi3Rqz0FUTMFkCLENlIKJ6GdL0Vxnu8QhKCi4YvuHorzeBY86B5iHPZocIEwb_fyqPbs9o5p_b2z5yYPlU2R3jkYh5dG4x1-ClaLQ1JdI&sig=Cg0ArKJSzImmN4T2-e47EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=662&vt=11&dtpt=402&dett=3&cstd=250&cisv=r20231206.22093&arae=0&ftch=1&adurl=
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame F5E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjstaG4nrq2n8jrmY7QqOX3fzyykFxAcGenVd8rfPgTczBZMOo412zJxC33KsKNqzUQQ44iefzaSroMcRYktRQATOsDjBP8doPmcCUwoFx3ppT1JJ9sxNk2rjxWBftgZttfZpF4XT8wwHAVyunz5x0k1NJ7n0z7B1F5BpP7CB59xnokb95WqmbicpkCK1u0YEkoa2V5Utm3dThf4l3KgQ_aeSaH9_82NaqW_dXLl0jNTOYwuph9h01P0UmKAbd6-LaPR3OH1-ERSQVfvPqrofpIBKuN_Rbpj04LyIBSoJi3cZbywl3ZXX5CFEWAVsXcf4QEpc1d6WSsI0kJeeez_yGz_6JQ6i_-KnOMpQt0oZQkirh9QBuP1k4MSOpgDd8Q2BS2cHeylkWPKKIfp00M57-ozQtttjpDUkc4sedb5Z3SjImK_CsOp5-3n0U-nPLCJRI2M-1lDNmPZPOUUpjl0sgj4bJk2Qyv5-Gnh2bXZRA7k8aJzAwvaE6pZACDrqgTiYPlqcEgHHuBVTJHv2LbFSQBlqZQZY9m3N-Ub4aR3YEIxGcFyOin-du_CE6LdHKe247A1JX6OLnpPawmhDlDaYqTUnX7pO2BoM1rcBxcl9B4QXv4dbPoVbBoekxNegeu6F_kozsyMqFjdLmIPMWkRwA-xoSRKheBlrAzmfxNXL07EhzLnhdtDzbgnGJBFyE3f-CCQUCrc_etVxBJ6zIzO168TuJ5PbATg-GqNQDxgBYnnz0v01qA3s_TX9TVvdTWdQySaRLq5YOLrFKAps7eEwV5xEThIEE7tSM8BxarArNKkbBifN4-_AXQaMc6PRep1fzlORNIE1Kz9p47HIP2X5naNCdPcczFCKRZt0-UQJUd47pD9nVflHc_QBQyzzNFsvCHZYqD-eYhT9ZjpII_FZ0Gu64dqXSLtXcz_ngR4xy543P8TnhJUICo3Sa5eeYTmD9IHUTIxp2D0iJ48OXJ3ivxsctskJkCLJZ8uKibjc7CCgDvDpxdv7o5snTqXeohwreSZ25YevTrrKZUEgqVB4gCTTvYwyQYRuKGNS0Qvs_UOvgNaZiOt99WdmvKu4-rfPhSSs7VQbSeo6RL-sQY3oJyJhersVEeJG5LLyrl4U_42MwgFHX2jiScoUnpK3vkbFpJOhwU4xfB4aNZqQKJJgrUlKuXzOtIDbHKH4kxYwSgG5325o4o2Di2qVb4F3FX4dpxtTzTfWC3uEsHwZeKDLgiq15YMhr7NsW4KrHjSM4tfIkDh3sgEd7Y4_5YIwa1cCHX1LHWoPc-_Z5FIAYON_CmM7W-w0V29rtYGV0tUHdxETLSuxMMrDqGjg9VJ-PG4l9H6hMpxsqI1NkzOWpQhsnoIwWNOjjyXzVsnfceX0Dny-cs7_bunVXK_-JDZw9jRiTPb5BQ&sai=AMfl-YRqhMZ_k4pugBG57qi0xNzxBCYWMyREI05uTnonjeEEzroP7Rcu7ZPyk8BkGzVdabU8cTkEpM8vxfhrZtbXkbKfkBNEA_je_1aThf1KId4_p8iyOiuqyIdENaTj66yAZoKnqK8PezjhZ9SCMTHVkhmnZXblYunQ4ie4QOCz488RS1SLfqXFk2V2VEX6mLAI_MrTBhfZ_C9ExM-_iYZ_mwzbEULZb1Eg6VekHq4YbeurudVA_3f8ZZ54So4y4SePh8U0lgB3b6L_OnraPkbVdDKjQiD19D_YMM4dEQDbvhu86f9yl3PnuibsnUWQ0C-VVeKrInYQJoYtO-nHvqiJ7II5mDX_Q0oaCSqiQ5liOMFefmRDaWfnLBiM_yUDtxH0jPes4CcnreTF3HojZa1lcnskcxuyCBGyBiN6U8lHxs7CRfNPAKkP79393aftx3Nr5oYWomc6ermMO7u7qiSCYVgucvYvsS5qBKf4VUoNbIP9Ev8YZ7OAXT77o5yv6qVXoy032K0&sig=Cg0ArKJSzOqx0yxIq_AsEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9sdWZ0aGFuc2EuY29tLGh0dHBzOi8vZXhhY3RhZy5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=622&vt=11&dtpt=361&dett=3&cstd=254&cisv=r20231206.42042&arae=0&ftch=1&adurl=
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame BB8D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a59ad49987df942166b93ba04eb1302797b996f62a912ae48420d83ebe19e2a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame F5E0 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cfd9cd5ef922e6f5eadecb187243c97a6616b4b419812d9186326aa0f98f93b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame 7441 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 04:21:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
121488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 08 Dec 2024 04:21:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D35 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2065879191481&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D35 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2065879191481&version=m202309260101&ct=76&x=1&cor=7981308672743146000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2D35 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwqwaMjh2I9vwPGYYsPYahA1x9yeOkA9ug_C8lNmEzRlN3U_hloLr7VCOEpQdOtxEi95hjG8Yk23ANrFnxo4ffwARrBrHKqzTNqcw2GJuuu_cNtj1i1Fam5VapcTonfEXQtJN1mmzGC-O9tp0b--kKwArJAXhh5NZROXInIFHDlgJ3nEs&dbm_d=AKAmf-Bk2vsYnszBEQy7Soj5wjot04Z5esa3r9_Q-5m8nEP_UT-8xgZiw7jvZ4LIiXO6MjDYaKhj_dMvt0oLJptTfzrU8Aktn0W4hs5GMjbUdamf9sivqOudSU2RVUakL3IHlRGppYJsrHeu6yVRL5nPa1nvVeawKBOaATijkib7-SbEjnYLwFmPQC2zrJCsq82ubE7dnM4P0GutyKkFW37FmWhu264cKI3A8BG-Wum40Vz1anCmGubSIotJSNElXVXzAqo5h2oym-_oJBI3FAucYSaAkvdx4UdFtjpt10XqZkoKCxRWAwujvGss3_4b09xvn8VWOivhYwFngKYuZGf0dwx7OQNClUuM32F2IpZxxvc_BXfgNpxL_79FIlvQxxbR8q34kamVw_CTAIEr4z2JdgcGMyKNXdM74wmXb0SdvhPRue8YNtl9Z38SecjuvtnIo8pE03e_OJr5w6rRz1AiZNq5znRFU-Fng8KAd5hyA4KG6Br1nTuA3tL54FUYZnSivF9dndHX1diy2t1qdgp8XwNmnB7aU76rh0idzfZirvj78qKeW71L_LobaTuIJEG3FS7HC-hvHkorWZSAWnxIj7G-OJDbtVIyP7Pc2q3Uuru5N2WsFDg6K3A51sKLgMCPC7kxXUhAc0vM77G-_h93LkA4ixQbpYuv2HAGM-CEwlo5oCZiD1UQXJEj58minN0T40aANfadKzaZbvwNUhNk3l5TGQ4vX3anFi5iWmc38Bf1tZQu-XvH7oXMa7fXhJ-EDJN3bIBY_99EClOrvBaC5x2FWr0CDOjGQPi4PVwLkQe4Z6aInfy88EiTCVua45fn5Ujh_S1wLUxdrgSwNOZTUIz9IzXOTRp0CBwPYO_Rq29Zq7IO1WvdbFDIuaoDkJOP-cvgj4ITIkTfgzWbCi_PTpmobhEUQMVhGjG4olRsZMpg1GMe3C0iQUgEo4XScsHPpU5_rRaYLYOlYdEaiNaawXTjVVqyFQu_1lbYsaBs55O0Joc8EgVc9yzVGRIXIVo4mTXG3-OL-Jf_yik90IgjS-IV43H_A-5W5rG0hmvq_po8QUXVO8Bz5L12EKM2PyJSIsJk84IxxHhLTIkDnqZHZwOY-RgglYjn-iEpTvkEqevkC7ZQK416iE1_D9wd_3GI352WqnCOF_t-F0A44RonSCIPDekcUs0MkC2CxJ3TxWDI9zZszsAI5RzOW0Bk5LFl20Ypa-7MPxZPB6cHD9NCHKuZm0UCVLlFkyrKPHALG8kWTIUBdA167INnXiQHcH17GRXpugVWMu0T8S1F17qukv3Ex4sSTR2mKdcQLqfz0ytm_c7AHx9-ryHZk4VnfNVPOSJY8Qpmha9QWdUg0lLgsmwdqdpoam7FH1-EITWwIh67zbyB3Ql2HX0C1eE2THCjAgOAQBBLnxfjSf7bYa-saInVO3KOwUk-MbYNw71LZQJULe5YkP4ogQnht9WV1OVBSKhuz8luMtRwDdTkJ3SzkzHo5yw2Zm8ZSTszOScgad0iX5zME1bZF6JIYhVschP0F4nTOvmMZ_z4AnnijkCJdxB9AizRRNZZv9EQRMZQ0LGvQ6hWLJediZtxZW284_4g6ydGYO1bZJRzVPecu5tOE8DlAAD0O9F-Y0yPuKnlVOzivaPBr38WPHp0Mo2ryj8sG6Spo-8jpk4aYwETBBHf_jUde5IjB1xrLl50zUB4S_ab139xnqkYCDsuqQPTPQFYCYTC77nuv5Gg_lazbeYseU5yUjj5yl9Mf6LwgDanQkPpwpQGKBUvoFBAxLFmTE562q4yVW7yc1Uw2V9rsOkhZASxLI52WHxCISgqAHLgh9HSpnJd3POvdADdNyYbnFFuy9F6TNo6ppzbrOCPRSH6EH8FTiBlWPdSPOK1L1bH9n6xCAvzZTfohjuFx_vlOP3oQDznfHp1FTmIVNYhmMZzNPEMciNaHki-HbbLpGAHrCS_fYkc_LDO1ulqDmQhBnwNfrUUmcy5m8aS35xs8DglcHUjcwvp65uEXuNnuYmQddDQTGErEs7Yklu4qXnzzy1ROH7ySIo-zGliVG6DaszTdYYr4Fy9Pp1JEonFZCNEKDaO5vVcWCtzHbA8ImdIuaaDZegNE_d-KTl1ygSWWXdaUEyB4rK61qXU2Wa38LPTxDJ5gYxjGv79Sk0rZ9_CcYISOx2zTjUfIAZaok6QsGzIAVxNXUPngTmamxLyfrA2dZgasPwM-nugUtaDWDGPs7SGM9OxlhxJz_6U3kn7SXWDOKtcVgkEQHLRng2jS0y-Qj90wQTkjfmGLbyBKds6zVwbbev1vRL29C_1E6hFVnttql5IchQbT0wTl2KckrTEk9h5Ifa1xcBKjKIupDrK9mKU5CVWjNK4LWLZ4wqFl9ZhhLxUPBlA0Owxz-T9Oru2htDBVHXow7TmDIcOfjJSJZJ3tilptgSP77HjpW6a82M9pxOIXyR2iAjcQzlfNTM92tK4EuCVVbRnE22CpJRi9SaBPrkkyuBJwZ-TVBHQ_VP3c-H0kF-7MoIcnhypBufq02Ef15DY4aJz2IvUrvV2qqc7OOvk4USGdE7cHFy04CRcUBSnL5-1jHlfjDnsbPksH5teKSyIHrvcJ-WwlVIvbbB6BHJRRmigs8aMiRQHYSu5JHN3ypmrn9UI9-P986dlaLQVQW046PyxBbUft6X7x8leTjhrdZmCSi5vN1Cq12XnoVE4W-SRaug-nC0wto4orrCmVJsng2LyjhfsHYWYZaUrx4GVLxAXUdvdb-gXUM33J3ZadKXiOzeqKulLi7tMZqnQgMD35NeMFbCrHKKcgvd9jy2raLC-8Udjx_FgaZ2LPc13PlK2O3iFluVdAqpvnwL_LdY2lIEy2FsnWgfg1rFTeRgxaf_Ru3PaokW5DTSy5jOKednsP42fyyMwtma5BaAVGcB1zthr6abCDXlT4ItV-zsH1t3Tt6hBa4yvyzt57wNbJ5ch8A9bhw7oHLh56DR7NLQPgET8Lt_LrE8XiBk_3V5_BTwdbYwwGE-EmWR-oUwcTpqb9RgaeQ8jw4rJ-Sm2snMUF_UXaPMweAizQ9E7VVAvpndGFu2wEfh2H7mnh9L3wkXIljaS7lelCKfEs8AbGW3G_XM8xt9MgqxFgkFkPcfxIY4vDVUXMyfd5gJIiZmGSzZlgyQnCPji_qzYBIO-VRsfwhg4atgiaE-9Mq6Xif5Lr4etEYNIqNqbelAA1rcvCWdeTDeBtPSXMg0LAK88Y4KnO7OHJfpoxx25iWzYYQi8OwrhrZZVz65CWX9qmDuvl0GqIQV7-q1gKN4GEqTxtgd3D-rwmPhRQqDZ5PqIOz9svPVbbDeAHJl_QARqo2r7gMt9M3odfx7_MRucrZfnlK-RRUe7ZFyKyDwARpbTUcsobnFjmkekG9d_mHjVoSsfILBZbPEaRxWJyxNSrnOy2U7Z6KdXZOw8l8DlUpBcy2hRpVPqO-7ZwJBSn2OmfIYQI2iNQ1uzZTEMw0TSJEmEGkhlkDYckmmhKtFyFdb06mIzOSBK0S4mkW9ymu9cCEkpTRXVq25alMMPSoue2eOWRHydoVaoD1P22x9E8bVnXHzYQQER6YJsd74tMaeAzKddn5HL0nBAaV8mQ5E3K7jptzu14S5dSOHRcjUu-q7OllCyvWV_tDFrgi3NYi2zdEh6OvLttfLjrda23O0qr_DgeCf9GpihxaLY4uLW-S-tskPfwFxi&cid=CAQSPADICaaNa5j_bwwXn3AEXlZsOh_0XthYu2wlgsnKjU7Q8m0-sTW0_C3iOsDGgVmm-hVkzfJ6sYIw-ZdRZRgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.glitterfy.com%2F&ds=l&xdt=1&iif=1&cor=7981308672743146000&adk=1761367584&idt=106&cac=0&dtd=11
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1dcc62b4a4a3dd90ad246abc071d80df32cfd2231b1cde4d097a6411c38bdcee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41494
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 0C7A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=0VQok0bkSs&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=0VQok0bkSs&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 13:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
649
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:10:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0C7A 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ec2baf275e8f580a9df15608d10d9f2f453d8309db947db14e2aa1fe56a435b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5933
x-xss-protection
0
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame 5417 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=yhRZ4fwInR&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=yhRZ4fwInR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 13:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
649
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1100
x-xss-protection
0
last-modified
Fri, 05 May 2023 10:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:10:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5417 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7727eab7ce8001b752567b102ba3dde618b1a800f0225f7d6ea7d1a162b1f68a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5993
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634096/ Frame 2D35 		256 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634096/skeleton.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4792976128368202&ias_chanId=1&ias_placementId=20338656165&bidurl=http://www.glitterfy.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g-6j8wufwU56MSjqCDhgca
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.95.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-95-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
969797e2216e9c272544e815f684f78bac072464e9c1d21e22baca4077076fcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 2D35 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62385
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 20:46:39 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 2D35 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwqwaMjh2I9vwPGYYsPYahA1x9yeOkA9ug_C8lNmEzRlN3U_hloLr7VCOEpQdOtxEi95hjG8Yk23ANrFnxo4ffwARrBrHKqzTNqcw2GJuuu_cNtj1i1Fam5VapcTonfEXQtJN1mmzGC-O9tp0b--kKwArJAXhh5NZROXInIFHDlgJ3nEs&dbm_d=AKAmf-Bk2vsYnszBEQy7Soj5wjot04Z5esa3r9_Q-5m8nEP_UT-8xgZiw7jvZ4LIiXO6MjDYaKhj_dMvt0oLJptTfzrU8Aktn0W4hs5GMjbUdamf9sivqOudSU2RVUakL3IHlRGppYJsrHeu6yVRL5nPa1nvVeawKBOaATijkib7-SbEjnYLwFmPQC2zrJCsq82ubE7dnM4P0GutyKkFW37FmWhu264cKI3A8BG-Wum40Vz1anCmGubSIotJSNElXVXzAqo5h2oym-_oJBI3FAucYSaAkvdx4UdFtjpt10XqZkoKCxRWAwujvGss3_4b09xvn8VWOivhYwFngKYuZGf0dwx7OQNClUuM32F2IpZxxvc_BXfgNpxL_79FIlvQxxbR8q34kamVw_CTAIEr4z2JdgcGMyKNXdM74wmXb0SdvhPRue8YNtl9Z38SecjuvtnIo8pE03e_OJr5w6rRz1AiZNq5znRFU-Fng8KAd5hyA4KG6Br1nTuA3tL54FUYZnSivF9dndHX1diy2t1qdgp8XwNmnB7aU76rh0idzfZirvj78qKeW71L_LobaTuIJEG3FS7HC-hvHkorWZSAWnxIj7G-OJDbtVIyP7Pc2q3Uuru5N2WsFDg6K3A51sKLgMCPC7kxXUhAc0vM77G-_h93LkA4ixQbpYuv2HAGM-CEwlo5oCZiD1UQXJEj58minN0T40aANfadKzaZbvwNUhNk3l5TGQ4vX3anFi5iWmc38Bf1tZQu-XvH7oXMa7fXhJ-EDJN3bIBY_99EClOrvBaC5x2FWr0CDOjGQPi4PVwLkQe4Z6aInfy88EiTCVua45fn5Ujh_S1wLUxdrgSwNOZTUIz9IzXOTRp0CBwPYO_Rq29Zq7IO1WvdbFDIuaoDkJOP-cvgj4ITIkTfgzWbCi_PTpmobhEUQMVhGjG4olRsZMpg1GMe3C0iQUgEo4XScsHPpU5_rRaYLYOlYdEaiNaawXTjVVqyFQu_1lbYsaBs55O0Joc8EgVc9yzVGRIXIVo4mTXG3-OL-Jf_yik90IgjS-IV43H_A-5W5rG0hmvq_po8QUXVO8Bz5L12EKM2PyJSIsJk84IxxHhLTIkDnqZHZwOY-RgglYjn-iEpTvkEqevkC7ZQK416iE1_D9wd_3GI352WqnCOF_t-F0A44RonSCIPDekcUs0MkC2CxJ3TxWDI9zZszsAI5RzOW0Bk5LFl20Ypa-7MPxZPB6cHD9NCHKuZm0UCVLlFkyrKPHALG8kWTIUBdA167INnXiQHcH17GRXpugVWMu0T8S1F17qukv3Ex4sSTR2mKdcQLqfz0ytm_c7AHx9-ryHZk4VnfNVPOSJY8Qpmha9QWdUg0lLgsmwdqdpoam7FH1-EITWwIh67zbyB3Ql2HX0C1eE2THCjAgOAQBBLnxfjSf7bYa-saInVO3KOwUk-MbYNw71LZQJULe5YkP4ogQnht9WV1OVBSKhuz8luMtRwDdTkJ3SzkzHo5yw2Zm8ZSTszOScgad0iX5zME1bZF6JIYhVschP0F4nTOvmMZ_z4AnnijkCJdxB9AizRRNZZv9EQRMZQ0LGvQ6hWLJediZtxZW284_4g6ydGYO1bZJRzVPecu5tOE8DlAAD0O9F-Y0yPuKnlVOzivaPBr38WPHp0Mo2ryj8sG6Spo-8jpk4aYwETBBHf_jUde5IjB1xrLl50zUB4S_ab139xnqkYCDsuqQPTPQFYCYTC77nuv5Gg_lazbeYseU5yUjj5yl9Mf6LwgDanQkPpwpQGKBUvoFBAxLFmTE562q4yVW7yc1Uw2V9rsOkhZASxLI52WHxCISgqAHLgh9HSpnJd3POvdADdNyYbnFFuy9F6TNo6ppzbrOCPRSH6EH8FTiBlWPdSPOK1L1bH9n6xCAvzZTfohjuFx_vlOP3oQDznfHp1FTmIVNYhmMZzNPEMciNaHki-HbbLpGAHrCS_fYkc_LDO1ulqDmQhBnwNfrUUmcy5m8aS35xs8DglcHUjcwvp65uEXuNnuYmQddDQTGErEs7Yklu4qXnzzy1ROH7ySIo-zGliVG6DaszTdYYr4Fy9Pp1JEonFZCNEKDaO5vVcWCtzHbA8ImdIuaaDZegNE_d-KTl1ygSWWXdaUEyB4rK61qXU2Wa38LPTxDJ5gYxjGv79Sk0rZ9_CcYISOx2zTjUfIAZaok6QsGzIAVxNXUPngTmamxLyfrA2dZgasPwM-nugUtaDWDGPs7SGM9OxlhxJz_6U3kn7SXWDOKtcVgkEQHLRng2jS0y-Qj90wQTkjfmGLbyBKds6zVwbbev1vRL29C_1E6hFVnttql5IchQbT0wTl2KckrTEk9h5Ifa1xcBKjKIupDrK9mKU5CVWjNK4LWLZ4wqFl9ZhhLxUPBlA0Owxz-T9Oru2htDBVHXow7TmDIcOfjJSJZJ3tilptgSP77HjpW6a82M9pxOIXyR2iAjcQzlfNTM92tK4EuCVVbRnE22CpJRi9SaBPrkkyuBJwZ-TVBHQ_VP3c-H0kF-7MoIcnhypBufq02Ef15DY4aJz2IvUrvV2qqc7OOvk4USGdE7cHFy04CRcUBSnL5-1jHlfjDnsbPksH5teKSyIHrvcJ-WwlVIvbbB6BHJRRmigs8aMiRQHYSu5JHN3ypmrn9UI9-P986dlaLQVQW046PyxBbUft6X7x8leTjhrdZmCSi5vN1Cq12XnoVE4W-SRaug-nC0wto4orrCmVJsng2LyjhfsHYWYZaUrx4GVLxAXUdvdb-gXUM33J3ZadKXiOzeqKulLi7tMZqnQgMD35NeMFbCrHKKcgvd9jy2raLC-8Udjx_FgaZ2LPc13PlK2O3iFluVdAqpvnwL_LdY2lIEy2FsnWgfg1rFTeRgxaf_Ru3PaokW5DTSy5jOKednsP42fyyMwtma5BaAVGcB1zthr6abCDXlT4ItV-zsH1t3Tt6hBa4yvyzt57wNbJ5ch8A9bhw7oHLh56DR7NLQPgET8Lt_LrE8XiBk_3V5_BTwdbYwwGE-EmWR-oUwcTpqb9RgaeQ8jw4rJ-Sm2snMUF_UXaPMweAizQ9E7VVAvpndGFu2wEfh2H7mnh9L3wkXIljaS7lelCKfEs8AbGW3G_XM8xt9MgqxFgkFkPcfxIY4vDVUXMyfd5gJIiZmGSzZlgyQnCPji_qzYBIO-VRsfwhg4atgiaE-9Mq6Xif5Lr4etEYNIqNqbelAA1rcvCWdeTDeBtPSXMg0LAK88Y4KnO7OHJfpoxx25iWzYYQi8OwrhrZZVz65CWX9qmDuvl0GqIQV7-q1gKN4GEqTxtgd3D-rwmPhRQqDZ5PqIOz9svPVbbDeAHJl_QARqo2r7gMt9M3odfx7_MRucrZfnlK-RRUe7ZFyKyDwARpbTUcsobnFjmkekG9d_mHjVoSsfILBZbPEaRxWJyxNSrnOy2U7Z6KdXZOw8l8DlUpBcy2hRpVPqO-7ZwJBSn2OmfIYQI2iNQ1uzZTEMw0TSJEmEGkhlkDYckmmhKtFyFdb06mIzOSBK0S4mkW9ymu9cCEkpTRXVq25alMMPSoue2eOWRHydoVaoD1P22x9E8bVnXHzYQQER6YJsd74tMaeAzKddn5HL0nBAaV8mQ5E3K7jptzu14S5dSOHRcjUu-q7OllCyvWV_tDFrgi3NYi2zdEh6OvLttfLjrda23O0qr_DgeCf9GpihxaLY4uLW-S-tskPfwFxi&cid=CAQSPADICaaNa5j_bwwXn3AEXlZsOh_0XthYu2wlgsnKjU7Q8m0-sTW0_C3iOsDGgVmm-hVkzfJ6sYIw-ZdRZRgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.glitterfy.com%2F&ds=l&xdt=1&iif=1&cor=7981308672743146000&adk=1761367584&idt=106&cac=0&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:00:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
327
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 24 Dec 2023 14:00:57 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 2D35 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CwqwaMjh2I9vwPGYYsPYahA1x9yeOkA9ug_C8lNmEzRlN3U_hloLr7VCOEpQdOtxEi95hjG8Yk23ANrFnxo4ffwARrBrHKqzTNqcw2GJuuu_cNtj1i1Fam5VapcTonfEXQtJN1mmzGC-O9tp0b--kKwArJAXhh5NZROXInIFHDlgJ3nEs&dbm_d=AKAmf-Bk2vsYnszBEQy7Soj5wjot04Z5esa3r9_Q-5m8nEP_UT-8xgZiw7jvZ4LIiXO6MjDYaKhj_dMvt0oLJptTfzrU8Aktn0W4hs5GMjbUdamf9sivqOudSU2RVUakL3IHlRGppYJsrHeu6yVRL5nPa1nvVeawKBOaATijkib7-SbEjnYLwFmPQC2zrJCsq82ubE7dnM4P0GutyKkFW37FmWhu264cKI3A8BG-Wum40Vz1anCmGubSIotJSNElXVXzAqo5h2oym-_oJBI3FAucYSaAkvdx4UdFtjpt10XqZkoKCxRWAwujvGss3_4b09xvn8VWOivhYwFngKYuZGf0dwx7OQNClUuM32F2IpZxxvc_BXfgNpxL_79FIlvQxxbR8q34kamVw_CTAIEr4z2JdgcGMyKNXdM74wmXb0SdvhPRue8YNtl9Z38SecjuvtnIo8pE03e_OJr5w6rRz1AiZNq5znRFU-Fng8KAd5hyA4KG6Br1nTuA3tL54FUYZnSivF9dndHX1diy2t1qdgp8XwNmnB7aU76rh0idzfZirvj78qKeW71L_LobaTuIJEG3FS7HC-hvHkorWZSAWnxIj7G-OJDbtVIyP7Pc2q3Uuru5N2WsFDg6K3A51sKLgMCPC7kxXUhAc0vM77G-_h93LkA4ixQbpYuv2HAGM-CEwlo5oCZiD1UQXJEj58minN0T40aANfadKzaZbvwNUhNk3l5TGQ4vX3anFi5iWmc38Bf1tZQu-XvH7oXMa7fXhJ-EDJN3bIBY_99EClOrvBaC5x2FWr0CDOjGQPi4PVwLkQe4Z6aInfy88EiTCVua45fn5Ujh_S1wLUxdrgSwNOZTUIz9IzXOTRp0CBwPYO_Rq29Zq7IO1WvdbFDIuaoDkJOP-cvgj4ITIkTfgzWbCi_PTpmobhEUQMVhGjG4olRsZMpg1GMe3C0iQUgEo4XScsHPpU5_rRaYLYOlYdEaiNaawXTjVVqyFQu_1lbYsaBs55O0Joc8EgVc9yzVGRIXIVo4mTXG3-OL-Jf_yik90IgjS-IV43H_A-5W5rG0hmvq_po8QUXVO8Bz5L12EKM2PyJSIsJk84IxxHhLTIkDnqZHZwOY-RgglYjn-iEpTvkEqevkC7ZQK416iE1_D9wd_3GI352WqnCOF_t-F0A44RonSCIPDekcUs0MkC2CxJ3TxWDI9zZszsAI5RzOW0Bk5LFl20Ypa-7MPxZPB6cHD9NCHKuZm0UCVLlFkyrKPHALG8kWTIUBdA167INnXiQHcH17GRXpugVWMu0T8S1F17qukv3Ex4sSTR2mKdcQLqfz0ytm_c7AHx9-ryHZk4VnfNVPOSJY8Qpmha9QWdUg0lLgsmwdqdpoam7FH1-EITWwIh67zbyB3Ql2HX0C1eE2THCjAgOAQBBLnxfjSf7bYa-saInVO3KOwUk-MbYNw71LZQJULe5YkP4ogQnht9WV1OVBSKhuz8luMtRwDdTkJ3SzkzHo5yw2Zm8ZSTszOScgad0iX5zME1bZF6JIYhVschP0F4nTOvmMZ_z4AnnijkCJdxB9AizRRNZZv9EQRMZQ0LGvQ6hWLJediZtxZW284_4g6ydGYO1bZJRzVPecu5tOE8DlAAD0O9F-Y0yPuKnlVOzivaPBr38WPHp0Mo2ryj8sG6Spo-8jpk4aYwETBBHf_jUde5IjB1xrLl50zUB4S_ab139xnqkYCDsuqQPTPQFYCYTC77nuv5Gg_lazbeYseU5yUjj5yl9Mf6LwgDanQkPpwpQGKBUvoFBAxLFmTE562q4yVW7yc1Uw2V9rsOkhZASxLI52WHxCISgqAHLgh9HSpnJd3POvdADdNyYbnFFuy9F6TNo6ppzbrOCPRSH6EH8FTiBlWPdSPOK1L1bH9n6xCAvzZTfohjuFx_vlOP3oQDznfHp1FTmIVNYhmMZzNPEMciNaHki-HbbLpGAHrCS_fYkc_LDO1ulqDmQhBnwNfrUUmcy5m8aS35xs8DglcHUjcwvp65uEXuNnuYmQddDQTGErEs7Yklu4qXnzzy1ROH7ySIo-zGliVG6DaszTdYYr4Fy9Pp1JEonFZCNEKDaO5vVcWCtzHbA8ImdIuaaDZegNE_d-KTl1ygSWWXdaUEyB4rK61qXU2Wa38LPTxDJ5gYxjGv79Sk0rZ9_CcYISOx2zTjUfIAZaok6QsGzIAVxNXUPngTmamxLyfrA2dZgasPwM-nugUtaDWDGPs7SGM9OxlhxJz_6U3kn7SXWDOKtcVgkEQHLRng2jS0y-Qj90wQTkjfmGLbyBKds6zVwbbev1vRL29C_1E6hFVnttql5IchQbT0wTl2KckrTEk9h5Ifa1xcBKjKIupDrK9mKU5CVWjNK4LWLZ4wqFl9ZhhLxUPBlA0Owxz-T9Oru2htDBVHXow7TmDIcOfjJSJZJ3tilptgSP77HjpW6a82M9pxOIXyR2iAjcQzlfNTM92tK4EuCVVbRnE22CpJRi9SaBPrkkyuBJwZ-TVBHQ_VP3c-H0kF-7MoIcnhypBufq02Ef15DY4aJz2IvUrvV2qqc7OOvk4USGdE7cHFy04CRcUBSnL5-1jHlfjDnsbPksH5teKSyIHrvcJ-WwlVIvbbB6BHJRRmigs8aMiRQHYSu5JHN3ypmrn9UI9-P986dlaLQVQW046PyxBbUft6X7x8leTjhrdZmCSi5vN1Cq12XnoVE4W-SRaug-nC0wto4orrCmVJsng2LyjhfsHYWYZaUrx4GVLxAXUdvdb-gXUM33J3ZadKXiOzeqKulLi7tMZqnQgMD35NeMFbCrHKKcgvd9jy2raLC-8Udjx_FgaZ2LPc13PlK2O3iFluVdAqpvnwL_LdY2lIEy2FsnWgfg1rFTeRgxaf_Ru3PaokW5DTSy5jOKednsP42fyyMwtma5BaAVGcB1zthr6abCDXlT4ItV-zsH1t3Tt6hBa4yvyzt57wNbJ5ch8A9bhw7oHLh56DR7NLQPgET8Lt_LrE8XiBk_3V5_BTwdbYwwGE-EmWR-oUwcTpqb9RgaeQ8jw4rJ-Sm2snMUF_UXaPMweAizQ9E7VVAvpndGFu2wEfh2H7mnh9L3wkXIljaS7lelCKfEs8AbGW3G_XM8xt9MgqxFgkFkPcfxIY4vDVUXMyfd5gJIiZmGSzZlgyQnCPji_qzYBIO-VRsfwhg4atgiaE-9Mq6Xif5Lr4etEYNIqNqbelAA1rcvCWdeTDeBtPSXMg0LAK88Y4KnO7OHJfpoxx25iWzYYQi8OwrhrZZVz65CWX9qmDuvl0GqIQV7-q1gKN4GEqTxtgd3D-rwmPhRQqDZ5PqIOz9svPVbbDeAHJl_QARqo2r7gMt9M3odfx7_MRucrZfnlK-RRUe7ZFyKyDwARpbTUcsobnFjmkekG9d_mHjVoSsfILBZbPEaRxWJyxNSrnOy2U7Z6KdXZOw8l8DlUpBcy2hRpVPqO-7ZwJBSn2OmfIYQI2iNQ1uzZTEMw0TSJEmEGkhlkDYckmmhKtFyFdb06mIzOSBK0S4mkW9ymu9cCEkpTRXVq25alMMPSoue2eOWRHydoVaoD1P22x9E8bVnXHzYQQER6YJsd74tMaeAzKddn5HL0nBAaV8mQ5E3K7jptzu14S5dSOHRcjUu-q7OllCyvWV_tDFrgi3NYi2zdEh6OvLttfLjrda23O0qr_DgeCf9GpihxaLY4uLW-S-tskPfwFxi&cid=CAQSPADICaaNa5j_bwwXn3AEXlZsOh_0XthYu2wlgsnKjU7Q8m0-sTW0_C3iOsDGgVmm-hVkzfJ6sYIw-ZdRZRgB&dv3_ver=m202309260101&rfl=http%3A%2F%2Fwww.glitterfy.com%2F&ds=l&xdt=1&iif=1&cor=7981308672743146000&adk=1761367584&idt=106&cac=0&dtd=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 19:11:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
68124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Dec 2023 19:11:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 2D35 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
158476
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Dec 2024 18:05:08 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B74F 		1 KB
645 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
62790
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 20:39:54 GMT
etag
48472445140208031
expires
Sun, 10 Dec 2023 20:39:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2D35 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34b2641c9dadb88d0e63688de5365f2000eddbeb5f7e18d5f4731ddf04de0e2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0C7A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 14:06:24 GMT
160x600_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 0C7A 		79 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc938f914a45d9704b821d83ed0ac1360240d3ac62d7c60878288c3c67279bc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=0VQok0bkSs&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19231
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:31:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:21:13 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1F66 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstANVBCn_KLQzWPj6tRJ7wvIcfhiR_McZbvW3xLQec8P56B5GeM7TRrhVY3Vew8TSn5R0HTkpO8Y5on24iBqYGMdmXCDkIGh2QZTdT_4vXKhYInhGr3_Ajr_CMQpx4HJ06TmS0u6w_cIvht&sai=AMfl-YRYYAIWjU55ujKP0zDFQJW0YXnLhvg_Sz6f8Rv4YBF_xqhrywZ51rKQzrP2E5wykSFdOdaqE2M06bomr17RQYIBtP85gbVu7lof4tRMeZ7ps7XY1FnO4rY3nUJysOEuHFO__L86eGrNHYlW3QSRZuEtRt7Yzg7qtajD&sig=Cg0ArKJSzMWMUaH74OwZEAE&cid=CAQSTwDICaaNBrX6w5_CnTa0uXDoDzpZU18eDYaQi_djbfNRs9oVxbOVZThsjbZRiRKWBGK9C30-lWp4cKOVgAiureZ7Qpd9xhSA1tUramigY5EYAQ&id=lidar2&mcvt=1046&p=0,0,250,300&mtos=1046,1046,1046,1046,1046&tos=1046,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3066568758&rs=2&la=0&cr=0&vs=4&r=v&rst=1702217182400&rpt=1004&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5417 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 14:06:24 GMT
160x600_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame 5417 		79 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc938f914a45d9704b821d83ed0ac1360240d3ac62d7c60878288c3c67279bc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=yhRZ4fwInR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19231
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 12:31:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:21:13 GMT
dpixel
cms.quantserve.com/ Frame B74F 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKL_nxE96D-u9IryM21pXwg&google_cver=1&google_push=AXcoOmRYxj0reryxWyi8IcnxBmAMZg-5HYNqccg2gF2H19Q_zQnp3SFQcWCICTnLWALwRTTiFlCuUWY3ATEHv07JBiw1b2PyDNfmvCsbsRZOXTREiLn-Z530UV1_ufni2LEWH0GEMlT1Iay49sspiXLbCRhlpJs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B74F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOxc-Bi3O7iUR9kqY1Ox4gU&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOxc-Bi3O7iUR9kqY1Ox4gU&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVNCdWpBRlMxUmNrclM1&google_gid=CAESEOxc-Bi3O7iUR9kqY1Ox4gU&google_cver=1&google_push=AXcoOmT3UCJo6O0jiZrIDz5rwC8K-WzXd-9VEtGEkHdBr9j...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVNCdWpBRlMxUmNrclM1&google_gid=CAESEOxc-Bi3O7iUR9kqY1Ox4gU&google_cver=1&google_push=AXcoOmT3UCJo6O0jiZrIDz5rwC8K-WzXd-9VEtGEkHdBr9jD_JZvwjCTADnJpx79w2eMkJ3AlIRAbGu2gS4MX6w-KX_ITSLR4m5AKIProl_PPYPnxcY4tdFys7JNDxJlEP_jTmv7OQEp-ZllOIX9LnM7mnsn3oM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 10 Dec 2023 14:06:23 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=VVNCdWpBRlMxUmNrclM1&google_gid=CAESEOxc-Bi3O7iUR9kqY1Ox4gU&google_cver=1&google_push=AXcoOmT3UCJo6O0jiZrIDz5rwC8K-WzXd-9VEtGEkHdBr9jD_JZvwjCTADnJpx79w2eMkJ3AlIRAbGu2gS4MX6w-KX_ITSLR4m5AKIProl_PPYPnxcY4tdFys7JNDxJlEP_jTmv7OQEp-ZllOIX9LnM7mnsn3oM
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B74F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECu-dF0BUU5LzlKfw2PHTTY&google_cver=1&google_push=AXcoOmRjt8ntnyb-z71Rc7X2p8phV2d6oYEsL_JSM87d0uY3q_7_5y7OusjLcqaepXfyzKR6DS3I78p8BrmHmt7LVnskUGQw5pXxgy...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD43D7CEF7F743889492A95C4CFC5DAC&google_push=AXcoOmRjt8ntnyb-z71Rc7X2p8phV2d6oYEsL_JSM87d0uY3q_7_5y7OusjLcqaepXfyzKR6DS3I78p8BrmHmt7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD43D7CEF7F743889492A95C4CFC5DAC&google_push=AXcoOmRjt8ntnyb-z71Rc7X2p8phV2d6oYEsL_JSM87d0uY3q_7_5y7OusjLcqaepXfyzKR6DS3I78p8BrmHmt7LVnskUGQw5pXxgyti_STGs3Ei_FHqTs2HITKnBcl2WJfK3ZatwKr_HMZzgvF1KDZY4eWYkg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 10 Dec 2023 14:06:24 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=BD43D7CEF7F743889492A95C4CFC5DAC&google_push=AXcoOmRjt8ntnyb-z71Rc7X2p8phV2d6oYEsL_JSM87d0uY3q_7_5y7OusjLcqaepXfyzKR6DS3I78p8BrmHmt7LVnskUGQw5pXxgyti_STGs3Ei_FHqTs2HITKnBcl2WJfK3ZatwKr_HMZzgvF1KDZY4eWYkg
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 09 Dec 2023 14:06:24 GMT
sync
x.bidswitch.net/ Frame B74F 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHmXBIhm813TIPxFeEOWZoY&google_cver=1&google_push=AXcoOmRIPYJcejo67RbuvWk4JgelQlNO7C_cw3DyM2D03QQJqnXhhK78xpXmzbT_mKH_WG2yto-BE2W6VvKr0PYkfEPhho_HB1R8AaCNgFdKvw9lSYUDQQThH1hJ0N5rL4nJfOMBre-Q5661CTPt28Omxs85rxk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.242.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-242-138.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame B74F
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSTeSMS...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmSTeSMS...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMTAxNDA2MjQwMDAxMDQ4OTY5MjQ2Mg%3D%3D&google_push=AXcoOmSTeSMS2oHiIEXwuZi5cgUVI0tF-nujR7JgCa6e6Tefhxn9NxDdpZtfG9qpdax2pS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMTAxNDA2MjQwMDAxMDQ4OTY5MjQ2Mg%3D%3D&google_push=AXcoOmSTeSMS2oHiIEXwuZi5cgUVI0tF-nujR7JgCa6e6Tefhxn9NxDdpZtfG9qpdax2pSiKYq3uFDLoYL2LGDPwtRVUbSpwC1hn4Bv7FwibZkA5D8iWKUriuEVuKbHh6z_yuHiIvJKsi4HyfqV3ljRRBfOlYoU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzEyMTAxNDA2MjQwMDAxMDQ4OTY5MjQ2Mg%3D%3D&google_push=AXcoOmSTeSMS2oHiIEXwuZi5cgUVI0tF-nujR7JgCa6e6Tefhxn9NxDdpZtfG9qpdax2pSiKYq3uFDLoYL2LGDPwtRVUbSpwC1hn4Bv7FwibZkA5D8iWKUriuEVuKbHh6z_yuHiIvJKsi4HyfqV3ljRRBfOlYoU
pragma
no-cache
date
Sun, 10 Dec 2023 14:06:25 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Sun, 10 Dec 2023 14:06:25 GMT
pixel
cm.g.doubleclick.net/ Frame B74F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELKV6jx1_yVPiko1yO43IaI&google_cver=1&google_push=AXcoOmRIK6j20w3_BCcP88khRrEa2VTgbw4He0Kz4u1D-lsAwlS7EXE3Kmy3Y8WIuBXEjnuTWU2Ed3zxzY4T...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRIK6j20w3_BCcP88khRrEa2VTgbw4He0Kz4u1D-lsAwlS7EXE3Kmy3Y8WIuBXEjnuTWU2Ed3zxzY4TaKRtrpBcgoSCWWdA0Bee8YdikvZYdUAjAKBD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRIK6j20w3_BCcP88khRrEa2VTgbw4He0Kz4u1D-lsAwlS7EXE3Kmy3Y8WIuBXEjnuTWU2Ed3zxzY4TaKRtrpBcgoSCWWdA0Bee8YdikvZYdUAjAKBDDqNzM6g9Btce3maKDCuqHqbHZ3Q1cb7gYo27icg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRIK6j20w3_BCcP88khRrEa2VTgbw4He0Kz4u1D-lsAwlS7EXE3Kmy3Y8WIuBXEjnuTWU2Ed3zxzY4TaKRtrpBcgoSCWWdA0Bee8YdikvZYdUAjAKBDDqNzM6g9Btce3maKDCuqHqbHZ3Q1cb7gYo27icg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame B74F
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEJaXKbxSxuQoRyqPOR9uPIc&google_cver=1&google_push=AXcoOmT09TWZUBIuQCrIPn29uU5LqkYFmLpHVVOMCcs3-BN-Ovv1PBksroGbe5SsuL...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT09TWZUBIuQCrIPn29uU5LqkYFmLpHVVOMCcs3-BN-Ovv1PBksroGbe5SsuL4XbaBBPAs9rJDNOyEk7MoE1OSBAWvNdAwG4X5qkOHaihL23_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT09TWZUBIuQCrIPn29uU5LqkYFmLpHVVOMCcs3-BN-Ovv1PBksroGbe5SsuL4XbaBBPAs9rJDNOyEk7MoE1OSBAWvNdAwG4X5qkOHaihL23_5zsDR-agTTJG2gpZc14JlT2iFs9hzlVSmqhIfSj-Z4190s&google_hm=PjgZEz50RhycdVeGPv5Yxoc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmT09TWZUBIuQCrIPn29uU5LqkYFmLpHVVOMCcs3-BN-Ovv1PBksroGbe5SsuL4XbaBBPAs9rJDNOyEk7MoE1OSBAWvNdAwG4X5qkOHaihL23_5zsDR-agTTJG2gpZc14JlT2iFs9hzlVSmqhIfSj-Z4190s&google_hm=PjgZEz50RhycdVeGPv5Yxoc
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame B74F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JdRiDpO0XGkzKibw_639v-9-DpW64ivLuJhT5Uo85g8ckuopHXvgAWINmuoQYfHvSkTIjxMw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:24 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame DF29 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
123636
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 03:45:48 GMT
expires
Sun, 08 Dec 2024 03:45:48 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/17990266662471768200/ Frame F1C6 		141 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
62269
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22865
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 09 Dec 2023 20:48:35 GMT
expires
Sun, 08 Dec 2024 20:48:35 GMT
last-modified
Wed, 09 Feb 2022 10:37:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2D35 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssH6lj2rHY8ALjllgk-JYgnIM4FpdKTw9oFxtXvJPzco8SIgnlXyO9vvMOpzNZETKpEK7PRYp0WR2Y7-OAMs0Dmr4p_pMRDefF8NsIJRShWKYF6R5ORVOGPWzkABsbk8px0d3DfdKqnP9_7qd7ztkYQwJ5YzHBFwx92Vu0DU5L1y5mTT-vSpvwbjGTNFCxKUHCZvoZRik9Yp0zojIlCVGio5PZuM4dT2c4_JG25pjJyW8LdE8OP4kAXZkTztFsEgGcXZ1SLf339wtr2wowUpXGNpW-bTx-VpEQxf8A2kT4YMIjJ2dYGelOuTi06oQ45qeNwKTrdR_wBsFAYwtOPIe_mFM32UHqurbM2YGV_OmLShxLoIRUYiZOLLBVlPujeTrXfFdhAZsFmd9CEnV1FkHWzYw4oyAQUj6QGnF8SN42sfQAieRKb_w0nixidlTUBNPdKOwfTXTpgGzEfAUCSyurWZ9sL2Cl0r_dB3OojQjVokrTJKQn37f8N3CibLOyrQiniIv3kEMAGXGOh551jtXBAovJ3dF7ErOv3ks5768zDtXxol9ftWZVuZ8qnQaj8qqgt24IgdViEmQCnKTok3hoNiY0AvtNb9apsXLssAWjIGxFC079tDvW1o5FZB8BcuOnWj4CHY48Lb5a2bWJxJHm2AOgDNTTe_RUgf2V6DPVj13CL0IYPQZMpak4JOSYhc7ZbQ4dcW4w5YjBePrYJ2gb7NmT56wHgebUfrf-QMDnxTWsH34wnXOK2kwah5X6Z2MlsjHqSRjus_K6eZrdZr51IHnOkmNhOKo6RuMVtNRivUqWW1cFfcYx3M6pEIr3zHm_lH_uyutUUrfxEH9ipkT_ByTnk96E8lxaBaGYAkn4vuxuQwlv2Upkz-szPJELXny3SsAbWn4UA0Hr2cRvIhGtqLSLqkvW2bPAq3tplYlJYKfX6a7zSNQyKfgm80pSzJdXg1cw9Xxgl7XoG_HSSs_bCstCNJ9vbvr38FkHDh1diInbKphWLB8Kop4GRqsh0aC4DlteVdHlLBwgsMmFSGH8i23g2NRpYCjBeSHEP4O_6NAA1qDcw8NW5FRry5JK3umRHuzYTHsgtG6lHRSFS3C_q8AbQzXwhC5POZqcAPgI9oBBNn06MEm5Z7Xvo1E8zJv-n2cWc6P-pg0MDHrdD0ZP1E9m6EGYGQ9-LM30YUlIzufcI0qFXk4UsbUnsk-j1WTHBMxHYDjq8YKzxuealXHd1EmdhzM7LD6gQwuP5i-fRm1uCHGxL59CO3ykIszGJdU5tI0SxgnBN_I9bftCTIMs2hy6mf2FYwrtO03r7zQ0Kg51LBA13M1uWEO7qKj3h8GJW6vx9m0R9PdbeD0pWmnF5GvmfxiIincJ5taflyDup4Q&sai=AMfl-YQ8_2XLmng5TsxhylZkNQbkklarHNT5B8a62yKsOmTlENpkXuFGly7cmEM-3HXVnaEWhdnLVpf6mKTMh6h6KmOBZY-VJEYrBnVyRtSta1u3d3wt1QLgsF4q2PWcI3q0kdTSmcVAKZAMA-7aoKTUwpDbzlNfyWwF9a11a5ymTB27gttI8PYOaeC2XJzNJAQf0JxYC0kC4tiWmLFRUkjomWH2I0CNK2vqHUtbbGgxl_GnhMOmP2AqFBDWTki2BBqu9HC9yzMdIs8ImWehn5atqUZJkIw3Qww&sig=Cg0ArKJSzAralwh4kmXSEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=119&cbvp=1&cstd=115&cisv=r20231206.11377&arae=0&ftch=1&adurl=
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 10 Dec 2023 14:06:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 5880 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 09:21:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
17080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Dec 2024 09:21:44 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame F1C6 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 20:42:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 20:42:24 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 0C7A 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=0VQok0bkSs&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:18:40 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 0C7A 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=0VQok0bkSs&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 13:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:12:26 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 0C7A 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=0VQok0bkSs&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:15:25 GMT
NH_D_WD_Affinity-Outdoor-Hiking_160x600.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 0C7A 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_WD_Affinity-Outdoor-Hiking_160x600.jpg
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89f2b68c7540f261305967af0530f12732f20d00e5398759b71b1795c9512662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=0VQok0bkSs&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 13:55:11 GMT
x-content-type-options
nosniff
age
673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62677
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:54:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:10:11 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 0C7A 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=0VQok0bkSs&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 13:59:56 GMT
x-content-type-options
nosniff
age
388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:14:56 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame CC9D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 09:21:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
17080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Dec 2024 09:21:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 95E4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BiUN43sV1ZdOTG_GB1fAPusC7sA0AAAAAOAHgBAI&bg=!LC-lL2DNAAY3kmNgF5I7ADQBe5WfOIAeP30FxUVlj1IGosohoZIeQhc4DXVH6jXSCzk0wwVEVCg5lMiC83n7MBt7ncwmAgAAAXNSAAAAA2gBB5kDZip5vTpn-m-M438Layf2W6PD1ZjtCl6MEEfIYYRQombNfzvo5P1-L4CVHfprBjvIzUAkcTikXs8kKdL6qu8Qzup0UwNEyDkL4xwbqwQew6S-wzycHxOdmAvvlhuybOIlp_HHjylKsBqObCzPH8wbeCfS2Fr24m3dYo_VYNk_pIsjrrSH1BbMA5efSJpnKrDgWK-gKDbmvZKx7bkDmS6USP07cdAQEMY0Kb4aDXoSkVeLXAhOagneaJyaezQiaX7WQ_LeypTuzurwHmq7JcJsDTZwc1oigYDqhnPEtctKEOnYk8D3lXLrJiUW6HLACXXhd1Zj1_0SXvOfrLgmyUvYmZg-ylUWtBq06I5wikD6PZZPLdDyuPEO_DNiJ2yGllo-wUhiWqtngkTRr43l0Mq2CAh0NTm1TJy0orOHbnb3j7wNPheBC-qtyRJnaSzVjlVnAlEwY7We4YzPWeVxnDMLDZlXSzg5ERX_yJpnneKLTp8zzA6_PlZnr5k1M8qajEriUS0mOuH9ldzTxnxokTBXhcYucKD7YbO4dTtXUJMWWbU25w8omMbVfUnXgpUJyYD2eNnLXL13-5VkIyghg7eLrLGN1AYYI5hiceqDGvcB9XtmFG4FfB9vVsd98xA0gWeM7Rc5NcXwj-lBWqKPZxvtZ5bGH1yXKAj9GMt6jhrDB8EazXbw73osqeWGMhKnWE3aSc23DQN1lI0g16Y9RhPdQnoDRnCUr1QXDEKhd87BXx7m8DWm-lnvKzjrnkD64WIAzTb3dyEl9KXedN3TDlrHzxXuBQDhi1ecq033qZER_yWI9OfHEBb4k424WgZx4CFb3Qf9XZN0HclhwpWu9un75mwSxBZglmXfDrS1QTuHBNig5EWkVIUXXr0DXN2CfjpihmkoOv7t1kdUBu2OpMjJWs-U78ZaeOzKXHVWJTgGdTx72BECyTlAZK-R3rOoxLPxCJGfFj8VLAz91jzP2KZwpLpWV_CMfveDlJ7N-iJOPHP2nA_0d6RcvCHhGCEpfFTRGKIwPy7hH70r7pMgp_gFLl3oxr7SDPN5M_xqUI61Mumok3v8GbST5bf_hrOEtdoqU17OHA5XbJkvEszuJr7fK3jZRxet8K69nkou6ZS4y_iVyfhTqKgH59pSycBf1DcLR-8EW0Vj8g
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DB6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B-ZKg3sV1ZdSTG_GB1fAPusC7sA0AAAAAOAHgBAI&bg=!KCulK2TNAAY3kmNgF5I7ADQBe5WfOL6hDv9KkIcHPH-vWuPd6Qth0KQAPAWZVaNzaRs1Xw-Jzq0CJeN_9jqpXbtKYc89AgAAAXRSAAAAB2gBB5kDRi0XLHMKX8JAsKpnI7YKPJjyN4AKRAe3fYP1xV5sCGdD2SjWm2bi6trGy1RCymLMezTm2qJdbKLcrGXMrXhP0ZaQbCSKd3ocBw_icfClLazberi-vWm-vIvXiOelgshYhlsNY77agu6osop4HxLuFOsPDdmHXHjnSUop2byiadn-B9trCD3vQgaCgOgOsZiC1qMb9XTk4yuuuBRjQrGTwngQhMED_hAJHQUijD5yBYbfTYddHo3SZliq_EHcL4tWGxmkI4OKlJqQzQ8lN8Bn50cttF6g1x6z8SqVQH6a8-D1HYrPesW1I8Yp1nRbP7wW1qMPMRHnbAtMYIro3xm1FlKwLc8S-YFMTX36xFU4Ioc2_KiVW9Xr8Zho6dpM4wVB--DdyxKt19HKZK6fnrOqkdXlXU0RnlWxrrE0EfYZ23Jvt3NYgBg2Wvkn6mQJpkbbGaooKcJD02wKyJy4Yp3s8hltLqAhuFTbgEmm9MhfZkHD9n9zKyzpF-vRBjCG-tXNbpr0BQVOjwp7Bd0Q6-pMXk4ffP0Woq3ADGJ7PRpKk4kvKfz02q7-dz6A7CuHoLuyeandRzmG-IjarIJfZoOdm6NjJP5AzFwdLBYCqDXwrHAphujUwjQ0yg97Rt3ouWqaSy8x88rclNGNb535zxPnubeTHGGXuGbNo2MlzjUBXvyL2sA4jcabYvRAoJp7FUpxT5PF7H_JfmWi0m4DyWWmWcn7R8dg17zjTjz5thgE8HHwxVzY5EohEB4sreW56ClffeMbdHUW7JgSIGReDMK8SRlQ8z_lh_j3vtqX82DwNNnIOC5XBhVNWoatwXu4WmyOWzt5RVIFAuModeRg_ebivY_NThdPPhWHxa1rzIV7TjGSme4ll-KChDhDHt5wSH6jJtDtUaFXnxsuUIh0sv0yKssVNOzPzJI1K5IC7tTuK7vHpp709XtcIpSf4FVh8qZONAYyLgmQ9AryI5ZNtr7NCGnYZmAHZmdmDeGn94QeCUEh0_AonoO00zd8rGAvetUO_Qgq3Rl43ClTJTRLzVMA4BdsoG6JNPOAfsNF--2Q3y1BhfkkzVfe3xjamYchTfmXJYC9wLPrZ01KptIrLnxjsV-3xl3WW7A
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 5417 		6 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=yhRZ4fwInR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:03:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2334
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 11:06:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:18:40 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 5417 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=yhRZ4fwInR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 13:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:12:26 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame 5417 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=yhRZ4fwInR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:15:25 GMT
NH_D_WD_Affinity-Outdoor-Hiking_160x600.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame 5417 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_WD_Affinity-Outdoor-Hiking_160x600.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89f2b68c7540f261305967af0530f12732f20d00e5398759b71b1795c9512662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=yhRZ4fwInR&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 13:55:11 GMT
x-content-type-options
nosniff
age
673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62677
x-xss-protection
0
last-modified
Mon, 07 Nov 2022 16:54:23 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:10:11 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame 5417 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12943809228921786815/index.html?e=69&leftOffset=0&topOffset=0&c=yhRZ4fwInR&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 13:59:56 GMT
x-content-type-options
nosniff
age
388
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:14:56 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame DF29 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 09:21:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
17080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Dec 2024 09:21:44 GMT
4.js
static.adsafeprotected.com/ Frame 2D35
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634096/4.js?ias_dspID=3&ias_campId=1013669275&ias_pubId=pub-4792976128368202&ias_chanId=1&ias_placementId=20338656165&bidurl=http://www.glitterfy.com/...
  • https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_4MV1Zf-NEvzpx_APzZOb4Aw&cbFunctionName=goog_wrapCb_4MV1Zf-NEvzpx_APzZOb4Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_4MV1Zf-NEvzpx_APzZOb4Aw&cbFunctionName=goog_wrapCb_4MV1Zf-NEvzpx_APzZOb4Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H2
Server
2600:9000:2127:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:45:50 GMT
x-amz-version-id
dZV1qYWLtZJQETG4KzZq1jUYDpTMrU_G
content-encoding
gzip
via
1.1 1f98172ca4214b0e937b7d3d534b34cc.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
242435
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 07 Dec 2023 18:45:48 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
aUVNPLNrEVHKf2q4NjpuUk_aeNix4TTmWnS-TrOXHZeFyCaX5w5i6g==

Redirect headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_4MV1Zf-NEvzpx_APzZOb4Aw&cbFunctionName=goog_wrapCb_4MV1Zf-NEvzpx_APzZOb4Aw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 7D99 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 1f98172ca4214b0e937b7d3d534b34cc.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
6962234
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
jT_wln6V4fqiesnN6Sp6PY0f2rvXreng2MSBj_wct92BYq_cMIDqdQ==
view
googleads4.g.doubleclick.net/pcs/ Frame 2D35 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssH6lj2rHY8ALjllgk-JYgnIM4FpdKTw9oFxtXvJPzco8SIgnlXyO9vvMOpzNZETKpEK7PRYp0WR2Y7-OAMs0Dmr4p_pMRDefF8NsIJRShWKYF6R5ORVOGPWzkABsbk8px0d3DfdKqnP9_7qd7ztkYQwJ5YzHBFwx92Vu0DU5L1y5mTT-vSpvwbjGTNFCxKUHCZvoZRik9Yp0zojIlCVGio5PZuM4dT2c4_JG25pjJyW8LdE8OP4kAXZkTztFsEgGcXZ1SLf339wtr2wowUpXGNpW-bTx-VpEQxf8A2kT4YMIjJ2dYGelOuTi06oQ45qeNwKTrdR_wBsFAYwtOPIe_mFM32UHqurbM2YGV_OmLShxLoIRUYiZOLLBVlPujeTrXfFdhAZsFmd9CEnV1FkHWzYw4oyAQUj6QGnF8SN42sfQAieRKb_w0nixidlTUBNPdKOwfTXTpgGzEfAUCSyurWZ9sL2Cl0r_dB3OojQjVokrTJKQn37f8N3CibLOyrQiniIv3kEMAGXGOh551jtXBAovJ3dF7ErOv3ks5768zDtXxol9ftWZVuZ8qnQaj8qqgt24IgdViEmQCnKTok3hoNiY0AvtNb9apsXLssAWjIGxFC079tDvW1o5FZB8BcuOnWj4CHY48Lb5a2bWJxJHm2AOgDNTTe_RUgf2V6DPVj13CL0IYPQZMpak4JOSYhc7ZbQ4dcW4w5YjBePrYJ2gb7NmT56wHgebUfrf-QMDnxTWsH34wnXOK2kwah5X6Z2MlsjHqSRjus_K6eZrdZr51IHnOkmNhOKo6RuMVtNRivUqWW1cFfcYx3M6pEIr3zHm_lH_uyutUUrfxEH9ipkT_ByTnk96E8lxaBaGYAkn4vuxuQwlv2Upkz-szPJELXny3SsAbWn4UA0Hr2cRvIhGtqLSLqkvW2bPAq3tplYlJYKfX6a7zSNQyKfgm80pSzJdXg1cw9Xxgl7XoG_HSSs_bCstCNJ9vbvr38FkHDh1diInbKphWLB8Kop4GRqsh0aC4DlteVdHlLBwgsMmFSGH8i23g2NRpYCjBeSHEP4O_6NAA1qDcw8NW5FRry5JK3umRHuzYTHsgtG6lHRSFS3C_q8AbQzXwhC5POZqcAPgI9oBBNn06MEm5Z7Xvo1E8zJv-n2cWc6P-pg0MDHrdD0ZP1E9m6EGYGQ9-LM30YUlIzufcI0qFXk4UsbUnsk-j1WTHBMxHYDjq8YKzxuealXHd1EmdhzM7LD6gQwuP5i-fRm1uCHGxL59CO3ykIszGJdU5tI0SxgnBN_I9bftCTIMs2hy6mf2FYwrtO03r7zQ0Kg51LBA13M1uWEO7qKj3h8GJW6vx9m0R9PdbeD0pWmnF5GvmfxiIincJ5taflyDup4Q&sai=AMfl-YQ8_2XLmng5TsxhylZkNQbkklarHNT5B8a62yKsOmTlENpkXuFGly7cmEM-3HXVnaEWhdnLVpf6mKTMh6h6KmOBZY-VJEYrBnVyRtSta1u3d3wt1QLgsF4q2PWcI3q0kdTSmcVAKZAMA-7aoKTUwpDbzlNfyWwF9a11a5ymTB27gttI8PYOaeC2XJzNJAQf0JxYC0kC4tiWmLFRUkjomWH2I0CNK2vqHUtbbGgxl_GnhMOmP2AqFBDWTki2BBqu9HC9yzMdIs8ImWehn5atqUZJkIw3Qww&sig=Cg0ArKJSzAralwh4kmXSEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=350&vt=11&dtpt=231&dett=3&cstd=115&cisv=r20231206.11377&arae=0&ftch=1&adurl=
Requested by
Host: www.glitterfy.com
URL: http://www.glitterfy.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 2D35 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a8f2abc2-5d10-3268-7cbd-a3839ef3e11f&tv=%7Bc:wpgtgJ,pingTime:-3,time:79,type:v,im:%7Bpci:%7Btdr:55%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D,%7Bpiv:-1,vs:n,r:,t:76%7D,%7Bpiv:0,vs:o,r:l,t:78%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:79,n:2,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B70~0%5D,as:%5B70~728.90%5D%7D%7D,%7Bsl:n,t:76,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~1,0~0%5D,as:%5B3~728.90%5D%7D%7D,%7Bsl:o,t:78,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tY2RPIm+11%7C12%7C131%7C132%7C14%7C151*.990511-61634096%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1711%7C17121%7C1713%7C1811%7C181211%7C1813%7C191%7C192,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:20%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:cac1:b5d6:8914:d668 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:25 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 2D35 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a8f2abc2-5d10-3268-7cbd-a3839ef3e11f&tv=%7Bc:wpgtgK,pingTime:-6,time:80,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:81,n:2,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B70~0%5D,as:%5B70~728.90%5D%7D%7D,%7Bsl:n,t:76,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~1,0~0%5D,as:%5B3~728.90%5D%7D%7D,%7Bsl:o,t:78,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tY2RPIm+11%7C12%7C131%7C132%7C14%7C151*.990511-61634096%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1711%7C17121%7C1713%7C1811%7C181211%7C1813%7C191%7C192,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:20%7D&tpiLookup=ao:www.glitterfy.com%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:cac1:b5d6:8914:d668 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:25 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 2D35 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a8f2abc2-5d10-3268-7cbd-a3839ef3e11f&tv=%7Bc:wpgthh,pingTime:-2,time:113,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:654,beZ:655,mfA:658,cmA:659,inA:660,inZ:663,prA:663,prZ:670,si:675,poA:676,poZ:696,cmZ:696,mfZ:696,loA:735,loZ:738,ltA:767,ltZ:767%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:19%7D,%7Bpiv:-1,vs:n,r:,t:76%7D,%7Bpiv:0,vs:o,r:l,t:78%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:113,n:2,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:19,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B70~0%5D,as:%5B70~728.90%5D%7D%7D,%7Bsl:n,t:76,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~1,0~0%5D,as:%5B3~728.90%5D%7D%7D,%7Bsl:o,t:78,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tY2RPIm+11%7C12%7C131%7C132%7C14%7C151*.990511-61634096%7C1511%7C1512%7C1513%7C1514%7C1611%7C1612%7C1711%7C17121%7C1713%7C1811%7C181211%7C1813%7C191%7C192,idMap:151*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:20,sinceFw:92,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:cac1:b5d6:8914:d668 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:25 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame F1C6 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
160
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:18:44 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame F1C6 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:00:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:15:11 GMT
tui_live_happy_white.svg
s0.2mdn.net/creatives/assets/4426814/ Frame F1C6 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4426814/tui_live_happy_white.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c043552be6d98da422ec5c2946c7a6588600e29d9f2a871ba1ea1206d3db813b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:00:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
362
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2962
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 10:17:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:15:22 GMT
head2_2line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame F1C6 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_2line_paare.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:02:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3441
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:17:20 GMT
head1_1line_paare.svg
s0.2mdn.net/creatives/assets/4453672/ Frame F1C6 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head1_1line_paare.svg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 13:58:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
480
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1610
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:12:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:13:24 GMT
728x90_kv_paare.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame F1C6 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/728x90_kv_paare.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15ddf64a1db0b06797a274e5975f2303bbfd68ca43e0539ddb4f5aac2bcaa456
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/17990266662471768200/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 13:55:37 GMT
x-content-type-options
nosniff
age
647
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37294
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 08:21:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 10 Dec 2023 14:10:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DABB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvT5wiqKhEUPU1XIVGiA2TJQBQdDTT1tRq_AmoomC12khqbD1gHdZRNoLkBwDG_r8Y9nLF-MuNi4WpDCHJWR6uN7WI6u66FbUcMCwtsFYKr4hmtYH7rH-Qq_VeayGVxZmSs-rwFrA4iseZBsLNSNmC0iFXHHeNyq4-7lYF5dmU&sai=AMfl-YRC6kA1vGaXm8dA4Z4Q4M1ZLDDCa8GY9gyGr7KyQyrKid_BTTo_yBxBr2QDhjcy7_Jc5lXlIiZzSrKp2JB70IPYZU_i3sclZoUzt_unWRShJC-jcjYeZiX2NQWCOTD2aO_9TTERsAhKmP83UoYbMZTXfvK62n1hCLE&sig=Cg0ArKJSzEVrgTrxRFF6EAE&cid=CAQSTgDICaaNwGg_O_X13YFaMXfxf8MaicQ9sAcjuS_mLwiSj6sczVlDdAf878PICD0bS15Bad0CjuzRAW9sm7UTTOawqLoO0TnUC9HnslE5ThgB&id=lidar2&mcvt=1022&p=0,0,124,1005&mtos=220,860,1022,1022,1022&tos=220,640,162,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1702217183336&rpt=522&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DF29 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BuUHC4MV1Zf-NEvzpx_APzZOb4AwAAAAAOAHgBAI&bg=!5Oel56jNAAY3kmNgF5I7ADQBe5WfOIFnAi8pEIIGDMBi_aJFNhADAR1nvSoILphto5ZiSkKjsVRbhXo7OqrcsC67JevaAgAAAH1SAAAAAmgBB5kDL-7o1jGEpeamr1sPGTfiKIdWMnouexsvi4QmgRAuyWXOYOK88J8TBLlx9CQtB8hLr9oVe9X5X63hHegpBeZb3uX8Azt_PGRx_7agdFhGzfxuLQLZppNbc-sw437hjmJ6HuGEwXy4seRlngTXg2yV5x43sVu9XzslzhG00bCR0jocHNV4UrSYvrZZcK6u78_cWR9mEZVh8SVab_his0Mfp2HjvexTprv-NX6Vsc5aGnFZcrNYtHFfj3mAslqdneIEW8f-KTAFNrA0UfjwYKXyfGqVYqoz6lGAog2-9vuZHfyzum_deOwNPfwMa4p9_oizb5oGb2wuz4uQQDJh5k43RYh1gytrfk7qwJVxU5eUedkOAV6ibdY5s87XNYPWGl0yN0CzpD9xABDcJnYn79Qrjs78y_hX3S_2DxC-XD3oLjojTvVzFpT5a3uB-9nUZWvD5VRzDHJw34CTZCUJBp4Zx0tfguO0GVAO-v0Ly_CmOPvV297fmC57q6F4cCORotROII2C4inb-BUNZZU8GsSinp_kCVmMVnVWjkKjE6wmSmm83cfLheTPGprerXnLsSPkM20t8-zkIGcgpeerj_GkXz5dHidHyE6bx4_PSRKYHpHeFcIJkHC-mtplSsZ5nSWZF2DTSVALwvDvP7DHW0yyXucPjlr1LXW_MqeLNNFh-lrln10DvS4I86SF4v-Sr_4VJSRPsTse4Bp__Af1nlGHdKobQIPEYSreyA-u8z7qLCSPT6opfN-nBq2J-UVPQMtBAxYagTntwxvtZN7kaGnqDbcdzaV8-NWh1JMETh_Lc59LhTTN0-3icz3i9HbwncbUlxOVy08s0UXCgYpbE6ys4HKXWTJztmydW_PHJjQb5JDSI9ijf6gZt6B2ObWRJ_397WtCJuTThU8tw22LC77JLhQBsDgecdxoYGmUVIMOIKddJP5OSQWGfPYajB1pUZrbfxB5H4ubWxyTDEJbv0oo1p89ZG0xbmETLUvMIXOumrytwJtovi2jFuwkLHhTgmQbRrVIoGAuZ6bBl83KZ0E-oril01vRG1_cCpCRnCv7RZRNgt0QXPfca11tdQAfab0x
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 2D35 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=a8f2abc2-5d10-3268-7cbd-a3839ef3e11f&tv=%7Bc:wpgtn1,pingTime:-10,time:469,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjcxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002022202222222000020222222202022222220222202000022000220222220000000202202002222202222222220222222220000020022022200022222220200000222200022020002022022022222202002220222022222022220000000200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022020000000020000000000000000000020220202220000022200202202220022000200222022200200022220222200202222020002200002222022222202222000002002002222222202220022202200022002220202202,asp:1702217185175%7C%7Cdfa197783c84955467dbfcd22fa92369%7C%7C81fa84b75a8024ba76b34e57df459f31%7C%7Ca2347bfcb2d4848da1398ed328dfe22e%7C%7Ca560242d91eb06521ccfdda160c76078%7C%7C0b2e2f3881da41238a68a19c41d9e6a1%7C%7C2060c65d820f15b4d593130a77349526%7C%7C2419c732426f3fbf1dfea0c9f6b0245e%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4792976128368202&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1702217183&rafmt=1&to=qs&pwprc=6689048176&format=1200x90&url=http%3A%2F%2Fwww.glitterfy.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1702217183235&bpp=1&bdt=1463&idt=1&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=3239167127&nras=2&correlator=599539555482&frm=20&pv=1&ga_vid=2009953697.1702217182&ga_sid=1702217182&ga_hid=1733098342&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079863%2C31079922%2C31079929%2C31079930%2C31080036%2C95320870%2C95320884&oid=2&pvsid=4080189183877251&tmod=1974460385&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:cac1:b5d6:8914:d668 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:25 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame BB8D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaCGDizkLWA8FPsJ6OdUWcX8Q9z2BZXsRmd-PsVJ6jEMR0HXcht4OCpAiGmJmEUxn6mOefBv1gv5lUOIGdAqkcH-EMNrtCbCIKcZy_AVymTVY4CyEagFwji3nNxNMbCsMyvAZ4bykLjuBU&sai=AMfl-YSBe23YpSufxMmoAVCvnoMku6SGOLXuzwsmXBCS2nn3eLRH_knjdnbISiJ_HVcVAWZS0l5CNmSxedGswvI9xt2ufajNxC4pQO4Kl2LqEod04QkUoCliOXtYUm-RdKtP0WIn8q7qG3WIkWqgA4GM7bk_1ouVE4f0GZM&sig=Cg0ArKJSzG2Sln23o7pzEAE&cid=CAQSTgDICaaNwGg_O_X13YFaMXfxf8MaicQ9sAcjuS_mLwiSj6sczVlDdAf878PICD0bS15Bad0CjuzRAW9sm7UTTOawqLoO0TnUC9HnslE5ThgB&id=lidar2&mcvt=1030&p=0,0,600,160&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&vs=4&r=v&rst=1702217183465&rpt=405&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F5E0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_YbZ_f9XENMr9XA52tHLFOMh4LWPGZL5iJmXmzAymiXG63yI27Ty8mqdU5UdYiNSwcCiLvabdb4kMfE68lG-PsYjFA_RGkhVprmSqIRjT5-MfiUVKbrR8hdOxEbnbhci5a1sFfinn_G6H&sai=AMfl-YTzygFVsKv6x7eUJmBnpw5dxQ2raHyxXtHNS8ZT0zpuyc0FCRv_gjyNhg5zydZWEAC0YlcXPuUlCg9k0ejuS1GBHTJ0wo1JN6KDw8_a2ByyU8fDVL9m6nvYrVC3ygBN-wczPtJaXaARvJdfJ4aGUM2OHRJvmkA6998&sig=Cg0ArKJSzIIIPJNutP43EAE&cid=CAQSTgDICaaNwGg_O_X13YFaMXfxf8MaicQ9sAcjuS_mLwiSj6sczVlDdAf878PICD0bS15Bad0CjuzRAW9sm7UTTOawqLoO0TnUC9HnslE5ThgB&id=lidar2&mcvt=1032&p=0,0,600,160&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&vs=4&r=v&rst=1702217183509&rpt=325&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=pub-4792976128368202&plah=www.glitterfy.com&bust=31080036
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84da7eb0694763f1b64ee5049ed57ba341493fc5f0dbf170749a61a9a61f490c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12295
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=pub-4792976128368202&plah=www.glitterfy.com&bust=31080036
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 10 Dec 2023 14:06:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63CC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.glitterfy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13178
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 10:26:47 GMT
expires
Mon, 09 Dec 2024 10:26:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6C74 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a27852dda3f4f0fb09856250dd58a6e5922957a9a9d5b8a722e7934e5868ba73
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2C-KdiSQeA2ze6EZZ4A8bA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.glitterfy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-2C-KdiSQeA2ze6EZZ4A8bA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 10 Dec 2023 14:06:25 GMT
expires
Sun, 10 Dec 2023 14:06:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 63CC 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 09:21:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
17081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 09 Dec 2024 09:21:44 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6C74 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=4080189183877251&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 63CC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kfuVtA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Sun, 10 Dec 2023 14:06:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D35 		0
22 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2065879191481&version=m202309260101&ct=76&x=1&cor=7981308672743146000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2023 14:06:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=4080189183877251&bg=!2dql2pXNAAY3kmNgF5I7ADQBe5WfOEA7C1ceSHWYtVhKBrMP4fsYfrnp4lQwcIFDSazFWVUwlJF8G5Ft89kQQmNkQk6TAgAAAO5SAAAAA2gBB5kC_QE1icNr1w8l8h2Mn8iMbkPkaPi0JZoBBZ6-rP9sSYVfMizVAQUx3yo95MAqfw_2sx8x3lAhl_rPRK2bSG6VWhm7wTUavoRUakWvJonnD3TA-GKDsmgiophsoYwVHOpa-4Qr2Q_JiZEzLYYu3SF4ci-n8VQXaiCLIaOe4Z0sXSFFnxEBOOWuYmM-U_iD56qFSg1ymmmzUbuVsV9pEp975TDJwIHU8glz3EMYruxGdkXSFrrmK6Hbk3Ct1LG6IPJmHui6M72QYZWIefACbWwFb3eypcjyuq1MYbdfpBC-slccmelNDe7o5Bs2oOK78mFekYheqDUGuxV2qqZNd8_UC3OExVeLsrN-syrsYjb0k1N6WdYk4jsUYWIHviYZ55BTHKcAXlW6P1oXacJbSDtvr68Gs1ZdhfoJf7n57aH7GUWoH9WY_fR9-Z0_rPyFq5VPcpwvVODHAiUV2prIUStBc5FhadYkvOnGtfwmnkC-2nOzupERcuXpBTqGnYAl2Bzxt66LNEDrCrgA0mQ0iLVsW1-l6SP6gO5iMOgKtcBa6_J7-Ez1G12PAddW76c2cJCktxgfQCU6u0925O-wDCM5BTSjerg3hBIdAh8kAXe4a8RMXU9WoL8HK34XaR-LdcNGwcVZODKpIqvm4t1CFezSamnrFOE8QpqERHX5NHwIuNTx6bwstt1cLmqIX3Tj6sutsGtmejZncCe-KrufaGRXu9XrzeRJj7aBQaZgz9QGnU4IqDE4kN3PKFH9cKyLg550-O-bzPUhnasaA3iwD6QOS9dmLVgO7CFRKm8zbtNkpaIbAgF6Myz1VKHRQwXuP7hlruJKbxALhd3cs5d6XNvfQqWrdYUHNfABAJa2MTX8NsY3HaavMteOdRBmIySfH-Yy8nTzX4PFBhqn2pq_gX8vVKy2zk_f-EWZsgFfXAzAsyKCqDlN_eWrjVLSSptUOIsrK3qXbptzv8xJZ1A2bG81PYRjJAq7DHy-JEehTE7SX4wwvvv6GDbxpHqlAtu2uQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.glitterfy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| googletag object| gaGlobal function| ExpandDisp object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_daaos_ts object| google_erank object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing object| google_ad_public_floor object| google_ad_private_floor object| google_traffic_source object| easpi object| asptt object| asro object| asiscm object| seiel object| asla object| asaa object| sedf object| sefa object| sugawps object| slcwct object| sacwct object| slmct object| samct object| google_shadow_mode object| google_privacy_treatments object| google_xz object| adsbygoogle object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| GoogleGcLKhOms

32 Cookies

Domain/Path Name / Value
www.glitterfy.com/ Name: countrycookie
Value: DE
www.glitterfy.com/ Name: popcookie
Value: 1
www.glitterfy.com/ Name: adtype
Value: zango
.glitterfy.com/ Name: _ga
Value: GA1.1.2009953697.1702217182
.glitterfy.com/ Name: __gads
Value: ID=e1b80a50c50b981d:T=1702217182:RT=1702217182:S=ALNI_MZY6m2a8g2VFqZOD7_QoTDFB5IvwQ
.glitterfy.com/ Name: __gpi
Value: UID=00000ce4d75ef14e:T=1702217182:RT=1702217182:S=ALNI_MYPKVkji68wBNZvG3DY8CMvmC8Alw
.casalemedia.com/ Name: CMID
Value: ZXXF31wrd1YRZQWxiMxZGQAA
.casalemedia.com/ Name: CMPS
Value: 5255
.casalemedia.com/ Name: CMPRO
Value: 5255
.adnxs.com/ Name: uuid2
Value: 4555998127423413834
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnnOqbejBa57gRZWkin0vc4_Wnv9ArH8zW9dz7qDKYAwi4PAjNvkHwDhP6tu4U
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU)vV^zX!]taL8i_iqf!oN/@E'zz<*Z2$N?irZSE-n>ey:b6UiUPB^>/g<-$!q1m>Ke:<QG=%9sk@3@'s>T4U@1b
.doubleclick.net/ Name: APC
Value: AfxxVi4POdsbbCIlPtDjKn1Q_4NkGtR1Rrxji1x6BWV3u7ZuJiUDBA
.glitterfy.com/ Name: _ga_8E8VMT9JC3
Value: GS1.1.1702217181.1.0.1702217184.0.0.0
.w55c.net/ Name: wfivefivec
Value: USBujAFS1RckrS5
.ctnsnet.com/ Name: cid_3e3819133e74461c9c7557863efe58c6
Value: 1
.ctnsnet.com/ Name: gid_CAESEJaXKbxSxuQoRyqPOR9uPIc
Value: 1
.w55c.net/ Name: matchgoogle
Value: 5
.simpli.fi/ Name: suid
Value: BD43D7CEF7F743889492A95C4CFC5DAC
.quantserve.com/ Name: d
Value: EGIBCQHQKoEA
.quantserve.com/ Name: mc
Value: 6575c5e0-8b7a0-18ae4-141e8
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_id
Value: 2023121014062400010489692462
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 6575c5e0735c53af
.addthis.com/ Name: ouid
Value: 6575c5e000019fa80ff3146f8c545668795a3c291abc7ce11d0e
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20231210
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0

3 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
img10.glitterfy.com
img41.glitterfy.com
ius.ctnsnet.com
m.exactag.com
onetag-sys.com
pagead2.googlesyndication.com
pm.w55c.net
region1.google-analytics.com
s0.2mdn.net
scontent.xx.fbcdn.net
static.adsafeprotected.com
static.glitterfy.com
static.xx.fbcdn.net
tpc.googlesyndication.com
um.simpli.fi
www.facebook.com
www.glitterfy.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.181.226
142.250.184.194
142.250.184.226
142.250.185.70
172.64.151.101
18.192.242.138
2.19.104.189
2001:4860:4802:32::36
208.71.34.181
2600:1f13:800:7782:cac1:b5d6:8914:d668
2600:9000:2127:8a00:8:48e:53c0:93a1
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:806::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2006
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.121.34.204
34.91.62.186
35.186.193.173
37.252.171.53
51.89.9.252
52.211.95.38
85.14.248.91
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0ae633a075b2645d916a9e3d096c5dae1e27f1416324202a8e194824edb86248
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9ebdda623d66e3b63cad5b6b6c5a60b48bb3973539cd57dd90ae1cc15102e3
0cfd99219dca577920fba9030fc5156d61229e09cfce16b55435ea87b4b45349
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
15ddf64a1db0b06797a274e5975f2303bbfd68ca43e0539ddb4f5aac2bcaa456
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1dcc62b4a4a3dd90ad246abc071d80df32cfd2231b1cde4d097a6411c38bdcee
1f2bdca79b568f2d17cd9a34402797d81a231f3a32dc6c082dfabab3940caba3
1f9cb9696f28653fb77b90883be06d3ad4258f86c2e333da96799ea9481129c5
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
2549ef26d7da0d8cc8844658a98b88520f80890bc8fba678e1c8860612c43ef7
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
2814b08ced0ea2b76fbb225e71e4188fcac2d65b307882cc6a759ea0dee024f8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34b2641c9dadb88d0e63688de5365f2000eddbeb5f7e18d5f4731ddf04de0e2b
3799335d46afe3a4a6257d5f1a0a3b88d9ed6cda9752eee2c1286443d2783c46
3827a6dd36894e2178e76226f61a99f2099896b5d088e2a8db6c405402b4bcbd
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a0e5d65e8a848ddcce449abecc5fcd4e7df645bbec41b68a3c0b7ea59bad3e5
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3d5cc5e645ead9cbc3e2e135275ce97f89089196e082b4e4f9a99d4613f7294b
3e7a04d3db9002eaf0494ec925f259661b001d11604758c546b36e2dc262d199
402979a6bf4f2c266c7cbf1d3ebbdaa9d265a4fd6d798e3985cfa962111ac8ed
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
446161f914ac33a89df2629d97389a6195ba120ec3f6c37e8dc8e522bb310c5d
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c10408a906bafcc53dae6a31f3bc5b73b7eff11555bfa8da8f841dbf257d9e7
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ed43871964ee6ab05f6c19dcb9684e40f25d227b4ca0b480d7dc5e57be474c7
4f859c54c2abc8c5257845d36ebb1152e3eb5c555b9b78420cca3a626ecabc9d
4fb496a58178a97960592ca91e3a7047455d40ea8e23d7cbf590449153c13fa3
523e148cabfafde32d666269cd9d9a3ecdf450c6e588c7d88401043045d4cf19
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54d579ca1e1c51d84ba472317ad7a1d8dec4bd81dd11c8f091673208eda76d91
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563d8b655debf02dc76ee9cad7e2114692c770d009bfc9ed1f9153eb384593d1
57c2b596262f49dfc85822938e3989a0345fcd5ddd698423283ca15f162f6b99
59306218ecf46ddfc2a080addf969e55c734cca0c455c8881f9e2b5a7bcda2ac
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60f905055ff017d4f4b271f2a74746a2018521642363f0ac250bd7cd153ed43d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
62cad4de639c95854624e4e7565b97997a2a2d05e6abaea624823e7934f024d8
658763708a45d3b028477e7bde12bf3da7292317c8f82c01131600f89052ef53
6605864421b2d516943cc0ff66bb2f9087bfbe6076716fdd8b7a877083854371
687a2825f9cfcdb71fd7f229707d8ca82469029090d98f557f05d60e62dfc38a
68b34a28617137221b76b93546359bf577aea1d6b3aadbd65b40e8bbdae7dd0f
6b3e7d19bdcba39646b4783327242dede188f74a79c149005f6a97b065ebf2ff
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7137feb23e6e5d9fded6b150649c4ba912dc15762a516c7fa8e424860732955c
71cc38ba08ec64d5375fed4518c59f51bc56ec70ed19b92792ee136477e1d385
733174db60b2c988f15f6e39637535006b0157b0089e255d3eb573e69bab7261
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
7727eab7ce8001b752567b102ba3dde618b1a800f0225f7d6ea7d1a162b1f68a
7ec2baf275e8f580a9df15608d10d9f2f453d8309db947db14e2aa1fe56a435b
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
82cb2c78bba5ade94dadd2f5df506244a570313c5662459ba36d1bb5cd26ec58
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
83bcc5059495915aa7834612883991c05223d1dce9013d537e2c89e1b22590c2
84da7eb0694763f1b64ee5049ed57ba341493fc5f0dbf170749a61a9a61f490c
89f2b68c7540f261305967af0530f12732f20d00e5398759b71b1795c9512662
969797e2216e9c272544e815f684f78bac072464e9c1d21e22baca4077076fcd
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9711c16a64e8b4086724485013257f3ba812d103630ddd609e3bcc677a07a0bb
9752ed8055e73fcf4d17b1032c674cf410bcc317a7b230fec0845e5bf75c8828
98f9646d7c1b15aa111349ddd8321297225cd092d94911434141043ad0b677aa
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac6e5508ce181a3db110c6e77dc1bfdd3f474c775dc5949388978c98b9fba6b
9ae3cd79c74c4a7cc38146cec0b0ceb8c0bf85fc25ab39b4a512e116446b9523
9caffafcdae7b42e3d074103c18a33640d4edf81401c216e99dbb77a15dfa511
9d25a14bfcdb46dfc66a94e38969850f6de6c73bf914827934e906554e3fcda4
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a27852dda3f4f0fb09856250dd58a6e5922957a9a9d5b8a722e7934e5868ba73
a29caae86cdeebdf24dcc1e1e7fd3e0ac49a39d6aac2b0ec954df4e4393ba26d
a33ffed47ab9ac8e944de799f407aea8ad2beca0d9e522594e80fce7e0eff5ba
a56369a6e084213da00d4f02c2435140e9f7ba2aa4ff18d91cd75a897d5e944c
a59ad49987df942166b93ba04eb1302797b996f62a912ae48420d83ebe19e2a5
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aaf8461689700c96cc1d2dd9a7ba5318c3f2616f7deb3d5a58683c6e5f7a8254
acf9f64f4735b2996600dbb9b0ae1a7f8dd1215a7a76c5af5be834b05a1e147a
adece896da2a228817053c56326cebeb1f6782f9be5ffc8773d68c3fbed6201f
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b029431e415fa0fd5d3fc2b2922c87bd5c1117c5b1e26effb776f5ada57f8610
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4deb89f60d01ce4790cd5250718d89242a2660499cf729db3b02f0eb4fc196f
b87ec13692b6226e23fbb9fd35bc2e81df04fba6e7ced92c527c8ce4a6da61ab
b8d99191997f9c3e6794142cba8b2959a673c7cd044871697b0e969620a584ab
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
bd4e3ce62b5ffa50931f64771cefd93634cf7f8524bcbfeee074020412acd4ce
bd710064255e57a54531cd8a8d999e23e1ec9001b17edb06805b99c6e359818f
beca446f73ac99cf23a4c81064e18874e335a68aa7d00fbfaca6e6a2cc6b315b
c043552be6d98da422ec5c2946c7a6588600e29d9f2a871ba1ea1206d3db813b
c1b2da575466eb30982e08c1020f55bcf2d9565f53bd64c3da87a1d774d75588
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5bcc597ce8a3ec0c0ef52ee8ece8f284ca9739c1bd1bbac380a3deb672d5446
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c971f4cdfa310443ad531d2eec2190a5414951a95fe3b8e63aaa78bd7440080c
cfd9cd5ef922e6f5eadecb187243c97a6616b4b419812d9186326aa0f98f93b2
d1e5834e2c78be1669fa3143514b62754743b90577727c81e2ec2494fee93016
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
dc938f914a45d9704b821d83ed0ac1360240d3ac62d7c60878288c3c67279bc3
e27f5443e8afa3d35f4cc01bb8403d6c6d29c223d107b7e5c4cd624dd6a2bfcb
e2b80247038739299b71545084dc4ebff2edd21e6f1ffafe013376bb2e92c4be
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e59882c1b483ce8a0b00b2812d4893de8aa45b158e3c1bafeffc38e42ee80184
e99683262e578e5c6904c02be62aab50a00f852c8712432aa0a68946f4caccc1
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef0a5fee5e1c10d3257b4bbfce08d6e91791470cffa30a0c78ca01dc715c4799
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a263ac7fff7dd63f407fe98f6f80f2ab4bb56cf8492ab2041af142fa31419e
f3f0d2d853d02738e53dd88e7065c20330ac81ac41cbf61a87f2339861b44a2d
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f8b622b85c9f40aa67a2795721d859ee6bd105052cb645adce501d3a1d9d5699
f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16
fd66f83ea75a1ccdd4953552363bc37a9cf055220f8d89a23ec8564c8d2ed2fb
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48