www.dtto.com Open in urlscan Pro
2606:4700:4400::6812:252c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dtto.com/
Effective URL:
https://www.dtto.com/f
Submission: On November 15 via manual (November 15th 2022, 2:08:55 am UTC) from TW — Scanned from DE

Summary HTTP 265 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 44 IPs in 6 countries across 36 domains to perform 265 HTTP transactions. The main IP is 2606:4700:4400::6812:252c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dtto.com.
TLS certificate: Issued by E1 on October 13th 2022. Valid for: 3 months.

This is the only time www.dtto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 83	2606:4700:440... 2606:4700:4400::6812:252c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23 29	2606:4700::68... 2606:4700::6810:cc3a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	34.149.157.153 34.149.157.153	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
2	108.157.4.121 108.157.4.121	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
27	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	88.221.169.95 88.221.169.95	16625 (AKAMAI-AS) (AKAMAI-AS)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1 6	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
19	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	147.92.191.92 147.92.191.92	38631 (LINE LINE...) (LINE LINE Corporation)
5	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1 5	2a02:26f0:170... 2a02:26f0:1700:3::5f65:1ba7	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5 15	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	23.11.239.181 23.11.239.181	16625 (AKAMAI-AS) (AKAMAI-AS)
16	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
5	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 3	88.221.168.166 88.221.168.166	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
265	44

83 2606:4700:4400::6812:252c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dtto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dtto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bilanx.dtto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700::6810:cc3a (United States) 23 redirects

ASN13335 (CLOUDFLARENET, US)

megapx.dcard.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgur.dcard.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 34.149.157.153 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 153.157.149.34.bc.googleusercontent.com

megapx-assets.dcard.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-121.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.95 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-95.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)

tr.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:1700:3::5f65:1ba7 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.212.162 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.85 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.11.239.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-11-239-181.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.221.168.166 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-166.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	dtto.com 2 redirects dtto.com www.dtto.com bilanx.dtto.com	1 MB
54	dcard.tw 23 redirects megapx.dcard.tw — Cisco Umbrella Rank: 329530 megapx-assets.dcard.tw — Cisco Umbrella Rank: 260999 imgur.dcard.tw — Cisco Umbrella Rank: 416893	686 KB
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136	282 KB
33	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 203 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294 ad.doubleclick.net — Cisco Umbrella Rank: 173	266 KB
16	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	233 KB
10	doubleverify.com 1 redirects cdn.doubleverify.com — Cisco Umbrella Rank: 448 rtb0.doubleverify.com — Cisco Umbrella Rank: 649 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 14565 tps.doubleverify.com — Cisco Umbrella Rank: 457 tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 9195	139 KB
7	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418	6 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	2 KB
6	gstatic.com fonts.gstatic.com	226 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 353	109 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 209	4 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	129 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 2536	20 KB
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 662	1 KB
3	openx.net us-u.openx.net — Cisco Umbrella Rank: 407 rtb.openx.net — Cisco Umbrella Rank: 1473	770 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 307	913 B
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 929	417 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1487	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1226	344 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	203 B
2	google.de www.google.de — Cisco Umbrella Rank: 5922 adservice.google.de — Cisco Umbrella Rank: 8709	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 139	112 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 146	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	121 KB
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 615	464 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1472	297 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 540	98 B
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 508	579 B
1	line.me tr.line.me — Cisco Umbrella Rank: 13328	425 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 528	397 B
1	t.co t.co — Cisco Umbrella Rank: 475	378 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 603	15 KB
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 14049	10 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 300	402 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1039	6 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
265	36

	Domain	Requested by
77	www.dtto.com	1 redirects www.dtto.com
25	megapx-assets.dcard.tw	www.dtto.com
23	megapx.dcard.tw	23 redirects
21	pagead2.googlesyndication.com	www.dtto.com tpc.googlesyndication.com 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net www.googletagservices.com
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.dtto.com 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com googleads.g.doubleclick.net cdn.ampproject.org ad.doubleclick.net
16	s0.2mdn.net	www.dtto.com s0.2mdn.net 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
15	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
7	securepubads.g.doubleclick.net	www.dtto.com securepubads.g.doubleclick.net
6	www.google.com	1 redirects tpc.googlesyndication.com www.dtto.com 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
6	imgur.dcard.tw
6	googleads.g.doubleclick.net	www.googletagmanager.com 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com www.dtto.com
6	fonts.gstatic.com	www.dtto.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.doubleverify.com	1 redirects 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com cdn.doubleverify.com www.dtto.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	bilanx.dtto.com	www.dtto.com
4	googleads4.g.doubleclick.net	www.dtto.com ad.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
3	image6.pubmatic.com	3 redirects
3	7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	tpsc-eu3.doubleverify.com	7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com cdn.doubleverify.com
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	odr.mookie1.com	7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
2	e.dlx.addthis.com	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.facebook.com
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	www.dtto.com connect.facebook.net
2	www.google-analytics.com	www.dtto.com
2	sb.scorecardresearch.com	www.dtto.com
2	www.googletagmanager.com	www.dtto.com www.googletagmanager.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	rtb.openx.net	7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
1	cms.quantserve.com	7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
1	ag.innovid.com	7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
1	id.rlcdn.com	7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
1	tags.bluekai.com	7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	tr.line.me
1	analytics.twitter.com
1	t.co
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de
1	static.ads-twitter.com	www.googletagmanager.com
1	d.line-scdn.net	www.dtto.com
1	sentry.io	www.dtto.com
1	static.cloudflareinsights.com	www.dtto.com
1	dtto.com	1 redirects
0	googlecm.hit.gemius.pl Failed	7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
265	55

This site contains links to these domains. Also see Links.

Domain
about.dtto.com
www.wantedly.com

Subject Issuer	Validity	Valid
*.dtto.com E1	`2022-10-13` - `2023-01-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-07-04`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-24` - `2022-11-22`	3 months	crt.sh
line-apps.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-10` - `2023-03-11`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.line.me GlobalSign RSA OV SSL CA 2018	`2022-08-08` - `2023-09-09`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
megapx-assets.dcard.tw GTS CA 1D4	`2022-09-06` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.dtto.com/f
Frame ID: A8FD47EC4D1067ACF7105E8395C5083C
Requests: 164 HTTP requests in this frame

Frame: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EEDF019CF1F98793060D1FA9B1D6FDE2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B62BB9096235287B6D246404BE5F0805
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 36F53B01D3A879744555866FFFBC5881
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: F5FA2D19F278EDFD7781490CF015EBB9
Requests: 16 HTTP requests in this frame

Frame: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2159094DD083A1E2C185C952B8F324E3
Requests: 16 HTTP requests in this frame

Frame: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A31F77899BA0AF47F5DB385CC2D9C2CC
Requests: 24 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 12F093FDEA5D5ED0467EB7E358B3970B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGMGtoNcBMAE&v=APEucNUj540bCJZBF-4Fu1eTQgBp-ntIyjsHHQau0yXs9SieR6ShGlGKknVK9sxVH-X3e000w_ZBhI_R_dw0mluiiwqn0SlFTpfZH1LSyyG1pZN9Moo4l3iD6YAwqA-XClkn4DG6jl8UJnhaPwBT6_MKe60ldNMzBhgra7oZLkPoaQ22t5bn55c
Frame ID: 3AD9C464BBFF42039C68D84B689A5865
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGIetotcBMAE&v=APEucNW05ub5gl0_hLyBRg0qiMfRlZwpHjBySv7sUg3rq-0RERDwPeaTBrRLfxImmRfI9vwqeDr9WbB0wAMwGHIN86nhW1p_OcfOUlStGvHfJaxCamz9kt0RzRtjxi-sTyCTkChMHmwJKULP9ndxqfONEZ1ubGjWNS0l4ToAjPMJaHGBWbd1olI
Frame ID: 602A14096DAF8A90826D1812F8BE4827
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8E356F5F6C04F4B152D9221DCFAF29DC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 67706978114B5E332ED4D497CA3EE82C
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html
Frame ID: 03662EED7BA02C6678A3784B24E4D3BA
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CF3015BB2C23679F705ADD4456E5C052
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3130.js
Frame ID: 6DD5A760E749E35256873213E19DE5E4
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 24C6D4B783F1241B2E2022C067CB0BDC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ED41D6BA093FF1F43FF19097D3960FAA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dtto | Social media platform for college studentsFemaleMaleFemaleMaleFemaleFemaleFemaleMale

Page URL History Show full URLs

http://dtto.com/ HTTP 301
https://www.dtto.com/ HTTP 302
https://www.dtto.com/f Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

265
Requests

85 %
HTTPS

50 %
IPv6

36
Domains

55
Subdomains

44
IPs

6
Countries

3472 kB
Transfer

9998 kB
Size

40
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://about.dtto.com/faq/en
Title: Frequently asked questions

Search URL Search Domain Scan URL

URL: https://www.wantedly.com/companies/dcard
Title: Hiring

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dtto.com/ HTTP 301
https://www.dtto.com/ HTTP 302
https://www.dtto.com/f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://megapx.dcard.tw/v1/images/9a7cc9af-9f81-43ea-8d9b-968a6441ae51/responsive?width=16 HTTP 302
https://megapx-assets.dcard.tw/images/9a7cc9af-9f81-43ea-8d9b-968a6441ae51/full.webp

Request Chain 2

https://megapx.dcard.tw/v1/images/2484e51a-2cdc-4f0e-a4ea-8d80b4589762/responsive?width=16 HTTP 302
https://megapx-assets.dcard.tw/images/2484e51a-2cdc-4f0e-a4ea-8d80b4589762/full.webp

Request Chain 3

https://megapx.dcard.tw/v1/images/039a093e-93ec-476c-976c-4a53b9b6d11c/responsive?width=16 HTTP 302
https://megapx-assets.dcard.tw/images/039a093e-93ec-476c-976c-4a53b9b6d11c/full.webp

Request Chain 4

https://megapx.dcard.tw/v1/images/52057289-337a-4f2f-88c0-cb8a77ee422a/responsive?width=16 HTTP 302
https://megapx-assets.dcard.tw/images/52057289-337a-4f2f-88c0-cb8a77ee422a/full.webp

Request Chain 98

https://megapx.dcard.tw/v1/images/4c22324c-0c01-4c7e-8010-8ac0906b8dd4/responsive?width=16 HTTP 302
https://megapx-assets.dcard.tw/images/4c22324c-0c01-4c7e-8010-8ac0906b8dd4/160.webp

Request Chain 103

https://megapx.dcard.tw/v1/images/88867546-d137-49d4-b024-ed82985b56d1/responsive?width=16 HTTP 302
https://megapx-assets.dcard.tw/images/88867546-d137-49d4-b024-ed82985b56d1/160.webp

Request Chain 175

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIxi5pYe3OXSCjeNcwFhETw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIxi5pYe3OXSCjeNcwFhETw&google_cver=1&C=1

Request Chain 176

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3L0r45eGsjahThPggUPhgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIxi5pYe3OXSCjeNcwFhETw&google_cver=1

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELYlik0Hd3pWd_Zq4nzYuDY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELYlik0Hd3pWd_Zq4nzYuDY%26google_cver%3D1

Request Chain 178

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA3NDU0MjM3NjczMjkyMDYwMg%3D%3D

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHTJICHdwN9mSvx3tKnjU9E&google_cver=1

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEHg_51VaIBCHy4-mrpDEPBI&google_cver=1

Request Chain 184

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 204

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZTZRtlePbtMaUc37ee1UNLsp72zDZgcks6HX_WqmLxQ4tMGEDLAl5XACl8hNH3tzawHOfV23DUhPp7uNkO80eixY4u1sg&google_gid=CAESEJndhfzr6VJXVH3yooX8_nk&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZTZRtlePbtMaUc37ee1UNLsp72zDZgcks6HX_WqmLxQ4tMGEDLAl5XACl8hNH3tzawHOfV23DUhPp7uNkO80eixY4u1sg&google_gid=CAESEJndhfzr6VJXVH3yooX8_nk&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMTUwMjA4NDcwMDAxODI2OTU3NzA5OQ%3D%3D&google_push=ASkJ3FZTZRtlePbtMaUc37ee1UNLsp72zDZgcks6HX_WqmLxQ4tMGEDLAl5XACl8hNH3tzawHOfV23DUhPp7uNkO80eixY4u1sg

Request Chain 206

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMpzIr-MOuVgjfXVggJVJXo&google_cver=1&google_push=ASkJ3FYZ-o8y89RMFtyRauLKwDbbZrQqnh6O7py_FxnR0G1LGaClnDHNBpzp8z72Oru6NobKzpPA7iR-ZZWdu4uGBCWT942KFiQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMpzIr-MOuVgjfXVggJVJXo&google_cver=1&google_push=ASkJ3FYZ-o8y89RMFtyRauLKwDbbZrQqnh6O7py_FxnR0G1LGaClnDHNBpzp8z72Oru6NobKzpPA7iR-ZZWdu4uGBCWT942KFiQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nHdCCDvfQU-7ltaHBIZWvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYZ-o8y89RMFtyRauLKwDbbZrQqnh6O7py_FxnR0G1LGaClnDHNBpzp8z72Oru6NobKzpPA7iR-ZZWdu4uGBCWT942KFiQ

Request Chain 207

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIpD7apnrWdoOcdSZAJSaVw&google_cver=1&google_push=ASkJ3FY0CWzMGAEw5SlzxDbvTRjOUv-5L4hFtixrFBUugMtDhk2eUbi37Y8jsxn8Rt3bufwsL1_u4jdo2leBHwaAysdsYv_HSds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFIS1NRSzgtVC01RDhD&google_push=ASkJ3FY0CWzMGAEw5SlzxDbvTRjOUv-5L4hFtixrFBUugMtDhk2eUbi37Y8jsxn8Rt3bufwsL1_u4jdo2leBHwaAysdsYv_HSds

Request Chain 208

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFgetyBMmWlKeES_ocCShC8&google_cver=1&google_push=ASkJ3FaCm2pD6MCkCLeaW0qRv_nVUJn9Q12E9rfc5Uz5MyjrIfAXbJ77OgRHVpeT0EhIMrzBopU5AygrkT0oZcLXmy_aqTeuIr8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFgetyBMmWlKeES_ocCShC8&google_hm=Y3L0r45eGsjahThPggUPhgAADNUAAAIB&google_nid=index&google_push=ASkJ3FaCm2pD6MCkCLeaW0qRv_nVUJn9Q12E9rfc5Uz5MyjrIfAXbJ77OgRHVpeT0EhIMrzBopU5AygrkT0oZcLXmy_aqTeuIr8

Request Chain 249

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAQlJZiY4r_sth-a8TNXl8o&google_cver=1&google_push=ASkJ3FaXji6dtHIrSYlc6XaWvQFDbnBUAO2srTovcEGdOdTeoWIrnTK1iVHIq3A2TK67ovb14AZOUvTsTOP-Q48EkQz4wjnjeR8d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nHdCCDvfQU-7ltaHBIZWvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaXji6dtHIrSYlc6XaWvQFDbnBUAO2srTovcEGdOdTeoWIrnTK1iVHIq3A2TK67ovb14AZOUvTsTOP-Q48EkQz4wjnjeR8d

Request Chain 250

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENqIHHmhMngw44mmChk2lg0&google_cver=1&google_push=ASkJ3FYLCoJlEbGQU-6koyMcpC1sE8UhBGjeHU3zpxBgss7Wn4mrITuVn2lUFwv4CHlpVwwc9KsmL_4j3LftWFxzAykcHDZ39lKh HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFIS1NSMFAtUy1LN0Y1&google_push=ASkJ3FYLCoJlEbGQU-6koyMcpC1sE8UhBGjeHU3zpxBgss7Wn4mrITuVn2lUFwv4CHlpVwwc9KsmL_4j3LftWFxzAykcHDZ39lKh

Request Chain 251

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHAvW-44PMpF7fvhX6YhcDc&google_cver=1&google_push=ASkJ3FaJUODZwua4_fgXifavATGBgWgaMwbal8v91eDWscthmxUr18_tWNS0m1SclHUAUsvY_C86yDYa0I7gm5aXvb56H7Jk03vg HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHAvW-44PMpF7fvhX6YhcDc&google_hm=Y3L0r45eGsjahThPggUPhgAADNUAAAIB&google_nid=index&google_push=ASkJ3FaJUODZwua4_fgXifavATGBgWgaMwbal8v91eDWscthmxUr18_tWNS0m1SclHUAUsvY_C86yDYa0I7gm5aXvb56H7Jk03vg

Request Chain 260

https://megapx.dcard.tw/v1/images/f7d191d6-73d6-46f5-8c9e-a7aefaf68ff4/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/f7d191d6-73d6-46f5-8c9e-a7aefaf68ff4/160.webp

Request Chain 261

https://megapx.dcard.tw/v1/images/bfa91223-116a-45cd-bdfd-d09f677545df/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/bfa91223-116a-45cd-bdfd-d09f677545df/160.webp

Request Chain 262

https://megapx.dcard.tw/v1/images/56b8f3a9-eac8-429b-a089-e5f4e98d76fb/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/56b8f3a9-eac8-429b-a089-e5f4e98d76fb/160.webp

Request Chain 263

https://megapx.dcard.tw/v1/images/603ec5a5-771b-4017-86af-669944db962f/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/603ec5a5-771b-4017-86af-669944db962f/160.webp

Request Chain 264

https://megapx.dcard.tw/v1/images/dd59578f-2bc1-43cd-a42f-dcdf214466e1/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/dd59578f-2bc1-43cd-a42f-dcdf214466e1/160.webp

Request Chain 265

https://megapx.dcard.tw/v1/images/842431b2-87b7-440a-8b44-476f41679e8c/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/842431b2-87b7-440a-8b44-476f41679e8c/160.webp

Request Chain 266

https://megapx.dcard.tw/v1/images/be2fce02-f97a-47e8-a4f5-769de29c100d/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/be2fce02-f97a-47e8-a4f5-769de29c100d/160.webp

Request Chain 267

https://megapx.dcard.tw/v1/images/01f66d7c-6241-4161-adfa-152e32e266e7/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/01f66d7c-6241-4161-adfa-152e32e266e7/160.webp

Request Chain 268

https://megapx.dcard.tw/v1/images/b8847b92-3078-4a64-9347-46b1f9dec400/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/b8847b92-3078-4a64-9347-46b1f9dec400/160.webp

Request Chain 269

https://megapx.dcard.tw/v1/images/20072bad-8775-4100-af6e-afbb95e9509e/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/20072bad-8775-4100-af6e-afbb95e9509e/160.webp

Request Chain 270

https://megapx.dcard.tw/v1/images/a9850752-eb00-4e64-b910-36e1edf4314b/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/a9850752-eb00-4e64-b910-36e1edf4314b/160.webp

Request Chain 271

https://megapx.dcard.tw/v1/images/8cc95d8a-3395-4f11-8d88-732e15ddf3ce/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/8cc95d8a-3395-4f11-8d88-732e15ddf3ce/160.webp

Request Chain 272

https://megapx.dcard.tw/v1/images/2ea9b1f3-2aef-4fdd-88af-5e175c2865d4/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/2ea9b1f3-2aef-4fdd-88af-5e175c2865d4/160.webp

Request Chain 273

https://megapx.dcard.tw/v1/images/a74ad8f7-0a31-4d3c-bbaa-18cac681d6ba/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/a74ad8f7-0a31-4d3c-bbaa-18cac681d6ba/160.webp

Request Chain 274

https://megapx.dcard.tw/v1/images/a5037adb-3cb4-41a4-8103-779646e4535f/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/a5037adb-3cb4-41a4-8103-779646e4535f/160.webp

Request Chain 275

https://megapx.dcard.tw/v1/images/88023499-70e6-426d-ac0f-468180eb143c/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/88023499-70e6-426d-ac0f-468180eb143c/160.webp

Request Chain 276

https://megapx.dcard.tw/v1/images/59fb00da-c217-4b1a-b709-46e21be3076c/responsive?width=32 HTTP 302
https://megapx-assets.dcard.tw/images/59fb00da-c217-4b1a-b709-46e21be3076c/160.webp

Request Chain 277

https://cdn.doubleverify.com/redirect/?host=tpsc-eu3&param=akipv6&impid=42adc612c8f8452e84c7b4995a15ee47&dup=&cbust=1668478128657158 HTTP 302
https://tpsc-eu3.doubleverify.com/event.png?impid=42adc612c8f8452e84c7b4995a15ee47&akipv6=2001:1b60:2:240:3247::2&dup=

265 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request f Show response
www.dtto.com/
Redirect Chain

http://dtto.com/
https://www.dtto.com/
https://www.dtto.com/f

374 KB
49 KB

1495ms
1494ms

Document
text/html

2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

242b827c6acc5c9dfa4e40b98e9e4a1e7421964cc7e0133e0aec5f13ff1f25eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=1200
cf-cache-status: MISS
cf-ray: 76a470c85ecc9c06-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 15 Nov 2022 02:08:43 GMT
dc-trace-id: 5d7ab659314c3cf9b9bcc3ab5474a1b9
last-modified: Tue, 15 Nov 2022 02:08:43 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-forward-device: desktop
x-forward-lang: en-US
x-forward-region: JP
x-forward-rtt: 1453
x-forward-url: https://www.dtto.com/f?__region=JP&__deviceType=desktop
x-frame-options: DENY

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 76a470c80e799c06-FRA
date: Tue, 15 Nov 2022 02:08:42 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
location: /f
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 dtto_logo.4735611f.svg
www.dtto.com/_next/static/media/ 1 KB
804 B 364ms
364ms Image
image/svg+xml 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dtto.com/_next/static/media/dtto_logo.4735611f.svg

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfc8b6996355ced08153df6674a6676d329695619e29f8e276d07188e19e5ca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"42e-18475c54f40"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1da9d9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

full.webp
megapx-assets.dcard.tw/images/9a7cc9af-9f81-43ea-8d9b-968a6441ae51/
Redirect Chain

https://megapx.dcard.tw/v1/images/9a7cc9af-9f81-43ea-8d9b-968a6441ae51/responsive?width=16
https://megapx-assets.dcard.tw/images/9a7cc9af-9f81-43ea-8d9b-968a6441ae51/full.webp

892 B
1 KB

87ms
21ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/9a7cc9af-9f81-43ea-8d9b-968a6441ae51/full.webp
Requested by: Host: www.dtto.com
URL: https://www.dtto.com/f
Protocol: H2
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4db00624d1251f8677dc1a1c77b7e367ff03fa722399540bd933fa1c73725a1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 05:43:25 GMT
via: 1.1 google
age: 1023919
x-guploader-uploadid: ADPycdtb24d-upTxCNMaEp35-ZRKM4xe09brQcq8DrHbikFHL0VQzsjTmkXtx-0-k1eXeWLeDHrGmVwzMWx3b05pnExyDgsYREqI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 892
last-modified: Wed, 21 Sep 2022 07:51:08 GMT
server: UploadServer
etag: "a895d6b0dd2f67b2c8b43dbb8c757a93"
x-goog-generation: 1663746667967433
x-goog-hash: crc32c=G89bow==, md5=qJXWsN0vZ7LItD27jHV6kw==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 892
accept-ranges: bytes
content-type: image/webp
expires: Fri, 03 Nov 2023 05:43:25 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-b757a2d9afed6dbb90814f6e008873aa-041974610b8e6ee0-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/9a7cc9af-9f81-43ea-8d9b-968a6441ae51/full.webp
cache-control: no-store
cf-ray: 76a470d24b326963-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95
dc-trace-id: b757a2d9afed6dbb90814f6e008873aa

GET
H2

200

full.webp
megapx-assets.dcard.tw/images/2484e51a-2cdc-4f0e-a4ea-8d80b4589762/
Redirect Chain

https://megapx.dcard.tw/v1/images/2484e51a-2cdc-4f0e-a4ea-8d80b4589762/responsive?width=16
https://megapx-assets.dcard.tw/images/2484e51a-2cdc-4f0e-a4ea-8d80b4589762/full.webp

786 B
1 KB

86ms
20ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/2484e51a-2cdc-4f0e-a4ea-8d80b4589762/full.webp
Requested by: Host: www.dtto.com
URL: https://www.dtto.com/f
Protocol: H2
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d5d053d816e6247c7b42db56e895a6515c46929babb9d575671cf40f245326eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 23:19:15 GMT
via: 1.1 google
age: 1565369
x-guploader-uploadid: ADPycduUAGyB0RoVnxSpJkSa9mtQBajwfWg9vfQPafwi3G0b5IgGTW0QcTn9oUnvgp7n_vBS8h8305Gmiu_p3rG2bNm4PeQUgKvA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786
last-modified: Wed, 21 Sep 2022 07:51:08 GMT
server: UploadServer
etag: "0e668a8c3c940f9c52a4728d4bf84d9f"
x-goog-generation: 1663746667967548
x-goog-hash: crc32c=UGzBcg==, md5=DmaKjDyUD5xSpHKNS/hNnw==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 786
accept-ranges: bytes
content-type: image/webp
expires: Fri, 27 Oct 2023 23:19:15 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-b87298daa6ad0f25d91c37ebc0d85e3c-c2b8a492ae39a4f8-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/2484e51a-2cdc-4f0e-a4ea-8d80b4589762/full.webp
cache-control: no-store
cf-ray: 76a470d24b346963-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95
dc-trace-id: b87298daa6ad0f25d91c37ebc0d85e3c

GET
H2

200

full.webp
megapx-assets.dcard.tw/images/039a093e-93ec-476c-976c-4a53b9b6d11c/
Redirect Chain

https://megapx.dcard.tw/v1/images/039a093e-93ec-476c-976c-4a53b9b6d11c/responsive?width=16
https://megapx-assets.dcard.tw/images/039a093e-93ec-476c-976c-4a53b9b6d11c/full.webp

770 B
1 KB

87ms
22ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/039a093e-93ec-476c-976c-4a53b9b6d11c/full.webp
Requested by: Host: www.dtto.com
URL: https://www.dtto.com/f
Protocol: H2
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2fbb2b1eb1ced32480a529830153a6897fa81ecee4781a49857d9b3502c6ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 22:53:41 GMT
via: 1.1 google
age: 1566903
x-guploader-uploadid: ADPycdvzh432-zXQmudZIx_OAIm5JzeDy0gjeIXuraffLll3WwWMjcGmjMq3-NTPh0lgWwEUIwnicC8Vzhj9TmVdWE2dJPTB3zRc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 770
last-modified: Wed, 21 Sep 2022 07:54:00 GMT
server: UploadServer
etag: "3320fb457fe5bed8088a5fa79da39134"
x-goog-generation: 1663746840278531
x-goog-hash: crc32c=k5T/Pw==, md5=MyD7RX/lvtgIil+nnaORNA==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 770
accept-ranges: bytes
content-type: image/webp
expires: Fri, 27 Oct 2023 22:53:41 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-f9cf6316a2a40cafecf967bb42fbb2ba-ac574fe1555656b8-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/039a093e-93ec-476c-976c-4a53b9b6d11c/full.webp
cache-control: no-store
cf-ray: 76a470d24b356963-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95
dc-trace-id: f9cf6316a2a40cafecf967bb42fbb2ba

GET
H2

200

full.webp
megapx-assets.dcard.tw/images/52057289-337a-4f2f-88c0-cb8a77ee422a/
Redirect Chain

https://megapx.dcard.tw/v1/images/52057289-337a-4f2f-88c0-cb8a77ee422a/responsive?width=16
https://megapx-assets.dcard.tw/images/52057289-337a-4f2f-88c0-cb8a77ee422a/full.webp

682 B
962 B

86ms
21ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/52057289-337a-4f2f-88c0-cb8a77ee422a/full.webp
Requested by: Host: www.dtto.com
URL: https://www.dtto.com/f
Protocol: H2
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a8debb352b0305029486ab930f9be2f973975794b5cd98d35a61f110de9d7991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 16:28:46 GMT
via: 1.1 google
age: 207598
x-guploader-uploadid: ADPycduzxQ4icTAd8ErViXGGfXm1CUzgzz_EpG7JXKC60FIKyIvyJUf0YnxxZ3x_f67NLL4MxU3OEOkz_jOuj2oDZYcv
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 682
last-modified: Wed, 21 Sep 2022 06:59:22 GMT
server: UploadServer
etag: "372ea9e2983df97b76efce55d27e166c"
x-goog-generation: 1663743562091639
x-goog-hash: crc32c=90ynqA==, md5=Ny6p4pg9+Xt2785V0n4WbA==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 682
accept-ranges: bytes
content-type: image/webp
expires: Sun, 12 Nov 2023 16:28:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-10fc20c718a171b659f01e9bcf42da09-c280b7dbded06bf6-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/52057289-337a-4f2f-88c0-cb8a77ee422a/full.webp
cache-control: no-store
cf-ray: 76a470d24b366963-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 95
dc-trace-id: 10fc20c718a171b659f01e9bcf42da09

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 142 KB
55 KB 106ms
35ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5T9HQL

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b300cef81c33f00afe4c851e14e0ca7de24413970b98691bb8b99265a5ad24e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55528
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Nov 2022 02:08:43 GMT

GET
H3 200 3323798d44e04a94.css
www.dtto.com/_next/static/css/ 10 KB
4 KB 378ms
378ms Stylesheet
text/css 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/css/3323798d44e04a94.css

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeadf01b666963ef4bcbe6eb4dd3dc2e56505c4655a1ec65f74843a2be846ece

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"2787-18475c54f40"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1da9f9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 b81b4f6ff389f365.css
www.dtto.com/_next/static/css/ 17 KB
6 KB 359ms
359ms Stylesheet
text/css 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/css/b81b4f6ff389f365.css

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43d25cbd913c9c11c817e2a13dd1b8ba5266193368cad328ba58cc5ef40eaae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"4346-18475c54f40"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1daa19134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 a6e7fe183f259272.css
www.dtto.com/_next/static/css/ 4 KB
2 KB 379ms
379ms Stylesheet
text/css 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/css/a6e7fe183f259272.css

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

426ee0236cee8f3a865445ae2490d16ffd726477506b4da8c1ca9c719824577a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"104f-18475c54f40"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1daa49134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 12ff0335f3fed6e2.css
www.dtto.com/_next/static/css/ 3 KB
1 KB 342ms
341ms Stylesheet
text/css 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/css/12ff0335f3fed6e2.css

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3088e63d7226775cb86b94f572b4f465fd3c006fd67dd4c442c576a6b1ea91c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"c03-18475c54f40"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1daa59134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 e949a98d46fa4608.css
www.dtto.com/_next/static/css/ 2 KB
1 KB 338ms
338ms Stylesheet
text/css 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/css/e949a98d46fa4608.css

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4782439d86c1e5d446dd82c371f600d9088b2d495179d4f18959c349eb5dc891

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"92b-18475c54f40"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1daa79134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 11efd6567f9cd012.css
www.dtto.com/_next/static/css/ 607 B
596 B 355ms
355ms Stylesheet
text/css 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/css/11efd6567f9cd012.css

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b17bfedca5bf1099ec2a1ff8583e75559cb22af331ebb37ba747abee37faf01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"25f-18475c54f40"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1daa99134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 f8dea60aa6dd391f.css
www.dtto.com/_next/static/css/ 209 B
421 B 337ms
336ms Stylesheet
text/css 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/css/f8dea60aa6dd391f.css

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76860def2b4142e3c665d7df7f65e708a8374bb81f8b3640798de6f4a00eec75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"d1-18475c54f40"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1daaa9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 0bc7101ac1e07438.css
www.dtto.com/_next/static/css/ 104 B
366 B 400ms
399ms Stylesheet
text/css 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/css/0bc7101ac1e07438.css

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74b02571827f551a6cb5b3a42b0239c4a7d2c00bcd5a9f8de9e8c6d955133596

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"68-18475c54f40"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1daac9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 be2d44dc905ea3b6.css
www.dtto.com/_next/static/css/ 4 KB
2 KB 326ms
325ms Stylesheet
text/css 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/css/be2d44dc905ea3b6.css

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf845dc66e9cb5950c3a0b2285a1d60cd9894d49ef4dda64fcfa00e1f15f09c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"ed9-18475c54f40"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1daad9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 7669-1d2c44ca9b4169b9.js Show response
www.dtto.com/_next/static/chunks/ 17 KB
4 KB 393ms
382ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/7669-1d2c44ca9b4169b9.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

628e833b30a114c3c244e01b37971d8557e5a698f47341a5c6cbd9b0e5d926b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"456a-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fac39134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 3800.f6247ac55ae18c7a.js Show response
www.dtto.com/_next/static/chunks/ 28 KB
7 KB 393ms
382ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/3800.f6247ac55ae18c7a.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

271f234ab67ca1d0b928356876f41058e08eb9cac0f543ae123006c54a617b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"6eb9-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fac59134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 8020.85192040e837dafb.js Show response
www.dtto.com/_next/static/chunks/ 56 KB
13 KB 346ms
336ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/8020.85192040e837dafb.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7268e9fff51614a8b7b2c58bee8144d420df4a41662f1c0d4d258683dd36ba3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"e166-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fac69134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 4121.8f30cb3a195a89c5.js Show response
www.dtto.com/_next/static/chunks/ 1 KB
685 B 417ms
407ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/4121.8f30cb3a195a89c5.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9126aa152f75f8a0385289baba5d603e9b4ca071318ccc0efd192b8a42098644

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"428-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fac99134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 8686-623ae76e463f5c2a.js Show response
www.dtto.com/_next/static/chunks/ 11 KB
4 KB 395ms
385ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/8686-623ae76e463f5c2a.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a90007763129fb942eb1e42d6ae0a02cff037f7cee75fb8a79afa9afc69d5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"2c43-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1facb9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 6108-8847f2b9f672f58b.js Show response
www.dtto.com/_next/static/chunks/ 48 KB
9 KB 418ms
408ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/6108-8847f2b9f672f58b.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28536fa93b6024ac3bd9329c9e47f3a5430563cc5928d05a42af4e6bd9e41eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"c178-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1facd9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 4202.615b962a52636934.js Show response
www.dtto.com/_next/static/chunks/ 47 KB
11 KB 368ms
358ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/4202.615b962a52636934.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08fd2b7e868d8c0d45a1fd1ae67e1810c982afeefe79677a6fe4d38f0d857ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"bc75-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1face9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 7267.ca763af1ccd84ace.js Show response
www.dtto.com/_next/static/chunks/ 4 KB
2 KB 353ms
344ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/7267.ca763af1ccd84ace.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06b2634b2b940739dcfd628497b0905a38ea85099f97b3f81f2f2221d083dea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"f1b-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fad09134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 9659.ae8bfc2e28909bf7.js Show response
www.dtto.com/_next/static/chunks/ 11 KB
3 KB 369ms
359ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/9659.ae8bfc2e28909bf7.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f910a7060bf3794dee4c3ccc43e288c6826e4fa64ca79cab536e1e17beb317b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"2cea-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fad29134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 5968.5f7bd40d2a0ae635.js Show response
www.dtto.com/_next/static/chunks/ 3 KB
1 KB 372ms
362ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/5968.5f7bd40d2a0ae635.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad02300b942922661c3a394159ea6609bdf2d3e9c48dd2d618c4414bbe986e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"a7f-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fad49134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 6173.8623c2ae1716840d.js Show response
www.dtto.com/_next/static/chunks/ 31 KB
8 KB 424ms
414ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/6173.8623c2ae1716840d.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfe5138294c2908e3030fbd62513a864fa6fcdad073c9dc0afc16659a2a7fb4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"7baf-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fad69134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 webpack-e5ffa91f65b47d40.js Show response
www.dtto.com/_next/static/chunks/ 22 KB
9 KB 435ms
425ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/webpack-e5ffa91f65b47d40.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49cb320e70318f3e92fa92494c530bf3bbf0b481738bd43ba6665d51920ff684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"588a-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fad99134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 framework-eec3e4dc73ba9524.js Show response
www.dtto.com/_next/static/chunks/ 139 KB
46 KB 392ms
382ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/framework-eec3e4dc73ba9524.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf995b8385fdee4b0843b4873ca0f0bcf42e346c5ccf4099ed7633adfc30600

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"22b1f-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fada9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 main-77553da14d6132da.js Show response
www.dtto.com/_next/static/chunks/ 139 KB
37 KB 372ms
362ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/main-77553da14d6132da.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2868202b2fac677a2b61bdff511bd74fa62b16aa8a1554019fbdb505b018528

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"22d63-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fadc9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 _app-0208df9d10a6220f.js Show response
www.dtto.com/_next/static/chunks/pages/ 2 MB
389 KB 420ms
410ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23e5ea2e3be11df00300c8bddac3eaea090fb569bc430be202f5ce638fc57ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"1b6ad1-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fadd9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 2247-925fc94a456e5500.js Show response
www.dtto.com/_next/static/chunks/ 38 KB
10 KB 422ms
412ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/2247-925fc94a456e5500.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1248d4d779a8fbe011a884e4fdaa4a4d4a271ae9cf4e37db8e66c887c4dbaa78

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"991f-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fadf9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 7209-c740da2925f3f74f.js Show response
www.dtto.com/_next/static/chunks/ 11 KB
3 KB 422ms
412ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/7209-c740da2925f3f74f.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c0b532aaf2341df2625801caa80e6507e0a5e6823062c559b4dad3cbe9fda4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"2a94-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fae29134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 6860-b96b38eb294ea635.js Show response
www.dtto.com/_next/static/chunks/ 45 KB
11 KB 454ms
444ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/6860-b96b38eb294ea635.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98ec4ed14adbf73b89e413f4eef7bddbb9d52b79ca4cfbc0e8533d659db8c333

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"b4a4-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fae39134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 3550-7aa704257a784dad.js Show response
www.dtto.com/_next/static/chunks/ 104 KB
29 KB 422ms
413ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/3550-7aa704257a784dad.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fc1cbeb7ce2869f4b50b6462d47e8bfcde492b47a681baa4d9e4699422025d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"19ea2-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fae49134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 1340-5ea1547bf7f891fc.js Show response
www.dtto.com/_next/static/chunks/ 14 KB
4 KB 436ms
426ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/1340-5ea1547bf7f891fc.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c674daaf26f5e4c92541781a019894952690eb251725a30df75131e9c5d8741f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"387d-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fae59134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 9249-d5b0197586933bc4.js Show response
www.dtto.com/_next/static/chunks/ 21 KB
4 KB 438ms
428ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/9249-d5b0197586933bc4.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

634fc8a1672438d919bb857e05d3f7d82ddc56711af424303b580e7e88b12f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"537d-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fae69134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 8872-499f984d60791f4c.js Show response
www.dtto.com/_next/static/chunks/ 22 KB
5 KB 442ms
432ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/8872-499f984d60791f4c.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7344ad6681e82afd9fea9fc1701634a5203d997aaae5a9d70cbaef697b1881be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"5656-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fae89134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 1437-2ac5ec40d86b3f2c.js Show response
www.dtto.com/_next/static/chunks/ 24 KB
6 KB 443ms
434ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/1437-2ac5ec40d86b3f2c.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76fa9922b0c8912a6765b0b6d498c2f1997e7f5fe60e185679e0b02c8ec8bdf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"6016-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1faea9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 1784-c03a8c5f619aafdc.js Show response
www.dtto.com/_next/static/chunks/ 22 KB
5 KB 447ms
437ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/1784-c03a8c5f619aafdc.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1bb88711ca11da50efa45df1d7fe4055c4717dcf8baf239567a65353cf474f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"56e3-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1faec9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 2797-47e753907f79e686.js Show response
www.dtto.com/_next/static/chunks/ 29 KB
8 KB 447ms
437ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/2797-47e753907f79e686.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7396e7847036871acdf046f207e8152778ce2a9cc7a29dd593f64151ed62a7dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"7385-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1faed9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 375-158b2f55d77c5c09.js Show response
www.dtto.com/_next/static/chunks/ 29 KB
7 KB 448ms
438ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/375-158b2f55d77c5c09.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c68ec695fc9e96c4efd72706d7bdc0df7d0512496bbdd674c3a4eb032a680029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"751c-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1faef9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 6250-7ffff2160002ed16.js Show response
www.dtto.com/_next/static/chunks/ 28 KB
6 KB 448ms
438ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/6250-7ffff2160002ed16.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

834c116086d5efe18d8b434bd9019619802b5ac47540d0a59db01117f876b61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"6fdf-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1faf09134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 8737-fb7fc6801cc7b899.js Show response
www.dtto.com/_next/static/chunks/ 25 KB
7 KB 449ms
439ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/8737-fb7fc6801cc7b899.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af0437ace7f3b6502fcd6003821ed1a448009dee53390dc06f4d2512984d2820

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"65fe-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1faf19134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 9071-149a955b500f9f0b.js Show response
www.dtto.com/_next/static/chunks/ 48 KB
10 KB 450ms
440ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/9071-149a955b500f9f0b.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4445b2cd69596ff0d8e18c614443f12c441f05111755c2d64f64366068b6e68c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"bf42-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1faf39134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 8108-af3e40b8e6a69e48.js Show response
www.dtto.com/_next/static/chunks/ 34 KB
8 KB 453ms
443ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/8108-af3e40b8e6a69e48.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ced01b1b71d1bc7737c9b76639670e9fd5adfcdbcb438cbe94bf528ecaad8f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"8641-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1faf49134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 1049-76d50e291d224161.js Show response
www.dtto.com/_next/static/chunks/ 21 KB
5 KB 450ms
440ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/1049-76d50e291d224161.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

777c02b5e26ed37204a220e5a86884a9501a100c90ccc9fbbdce8f3c2ba58797

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"5446-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1faf59134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 3854-e12d06f2ce55a194.js Show response
www.dtto.com/_next/static/chunks/ 27 KB
7 KB 450ms
441ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/3854-e12d06f2ce55a194.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ff773ed1b2ef8ea1f3255599988f148995c89a88c57b94e1d5a51ad12b62f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"6a77-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1faf79134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 4866-8d04221cc1ceed9f.js Show response
www.dtto.com/_next/static/chunks/ 65 KB
15 KB 451ms
441ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/4866-8d04221cc1ceed9f.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a4cae5e4c333469d81ba7724ee2ba53f4bf898dba15ad38cf8f9dde129ae27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"1023e-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1faf89134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 3645-5108fe331a3bf556.js Show response
www.dtto.com/_next/static/chunks/ 29 KB
9 KB 453ms
443ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/3645-5108fe331a3bf556.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8090ff4811ed86e34450c2885b8061e2885c301aff74597988ab5cbb978ed4fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"759b-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fafa9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 8761-df2d3cb65611607e.js Show response
www.dtto.com/_next/static/chunks/ 298 KB
62 KB 453ms
443ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/8761-df2d3cb65611607e.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49377ad707c426f4c9e75ee86232406b9fe4e497191762c38fe0098a60b52103

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"4a77c-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fafd9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 4408-abce8c495b6eafe5.js Show response
www.dtto.com/_next/static/chunks/ 20 KB
6 KB 454ms
445ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/4408-abce8c495b6eafe5.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db0c72d1ae4ba0892d7a159f08c2de41e5c8b8f9a476666668b3afdd9907b8d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"5004-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1faff9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 9261-e359dba39ecbf767.js Show response
www.dtto.com/_next/static/chunks/ 37 KB
10 KB 455ms
445ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/9261-e359dba39ecbf767.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95b1acb3a50a4fa9f65648dbb22ab62ee66679d90d1bb20bed349e39203bcc82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"9558-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fb019134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 f-c99a411416e8d704.js Show response
www.dtto.com/_next/static/chunks/pages/ 87 KB
21 KB 476ms
467ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/pages/f-c99a411416e8d704.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

356337b76d7f4b9160c875e583b6cee03d68779b3a4122503a07f54ecfa8499f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"15a93-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fb039134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 _buildManifest.js Show response
www.dtto.com/_next/static/eec584d19bac9106629d35a22b40b10f7ce56234/ 18 KB
5 KB 455ms
446ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/eec584d19bac9106629d35a22b40b10f7ce56234/_buildManifest.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08a78d85117790a5ab2c47455af0b00256459841773e19d471836f103ef310b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"4617-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fb049134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 _ssgManifest.js Show response
www.dtto.com/_next/static/eec584d19bac9106629d35a22b40b10f7ce56234/ 77 B
330 B 455ms
446ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/eec584d19bac9106629d35a22b40b10f7ce56234/_ssgManifest.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"4d-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470d1fb079134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c35218d0f7ac97666bd7a3afbf06afbd22752e1eeaffc57f2a156ac137127fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 104ms
60ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.dtto.com
URL: https://www.dtto.com/f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.dtto.com/
Origin: https://www.dtto.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:43 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 76a470d24bb09974-FRA

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0119994290d4729b216aa0237696536107bc78baf11c8a9ddf29fb785bbdf905

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1294a9e4bb03a8c5f50defb9b9ec17cca7edce8b616ca12ac2fec128ec9d6b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e1a02a0db42011570ff8a5277d6717bcb5f9c790b24a2bfe9a7cb67a6e1e7c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8d6322ca32ce3a55136c371c104bfb9a08ad942b2b63152269eef2590c132de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5dbdf681d8276a3c342db241c301c634ca81db30af7f3c67fdc327a68a52070a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98b1194a7053041193519e5ce99f1ced1be25876fcceace435586ee752fab66f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87e897d5a812b332e575d766382358735b492905c15aa8ed690ec6dd11ecad19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cec40527e8188d034fd90b569dd841f089f032bae84aa3f4e0475c25d203b8aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37ceb009ac38005793b361babaa0b4b5970c029c5854f0198b418fe672e4e7f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5182ae6795f103085d25f0aeae4b8b1aace2c64515035b225b26a13e055c5cc4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52c3181bdd6fa90a14bb3fddc1162ec72a6e9de45c331af7f441173fd4984b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 79ms
22ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dtto.com/
Origin: https://www.dtto.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:50:33 GMT
x-content-type-options: nosniff
age: 15491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 21:50:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 83ms
26ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dtto.com/
Origin: https://www.dtto.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 16:13:10 GMT
x-content-type-options: nosniff
age: 208534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11072
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 16:13:10 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlvAA.woff
fonts.gstatic.com/s/roboto/v30/ 64 KB
64 KB 97ms
40ms Font
font/woff 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlvAA.woff

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b588388326a9d3d30442904afd354fbb2f1feeb88ffca342e1c2f0391a692910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dtto.com/
Origin: https://www.dtto.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 13:48:49 GMT
x-content-type-options: nosniff
age: 217195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65556
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Nov 2023 13:48:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Me5g.woff
fonts.gstatic.com/s/roboto/v30/ 64 KB
64 KB 107ms
55ms Font
font/woff 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Me5g.woff

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41533d5c6eab361631aa3cf8bf7b8a2e6babfcc42a1aa950b2b0cd80c109b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dtto.com/
Origin: https://www.dtto.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 14:43:17 GMT
x-content-type-options: nosniff
age: 41127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65456
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 14:43:17 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 66ms
21ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dtto.com/
Origin: https://www.dtto.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:30:52 GMT
x-content-type-options: nosniff
age: 56272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11040
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 10:30:52 GMT

POST
H/1.1 200
OK / Show response
sentry.io/api/1518416/envelope/ 2 B
402 B 550ms
132ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1518416/envelope/?sentry_key=6f4e12f41da04a64a46d3afec82e1277&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.14.1

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.dtto.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 15 Nov 2022 02:08:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
vary: Origin
Content-Type: application/json
access-control-allow-origin: https://www.dtto.com
access-control-expose-headers: x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H3 200 be4f8072963d3c05.css
www.dtto.com/_next/static/css/ 1 KB
807 B 327ms
327ms Stylesheet
text/css 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/css/be4f8072963d3c05.css

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/webpack-e5ffa91f65b47d40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ce3b5c4234a82787d531a299f04a38920fb501e43c17f608be8deb7dbe11b36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"43c-18475c54f40"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470de395d9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 7768.0718a59334be7463.js Show response
www.dtto.com/_next/static/chunks/ 72 KB
17 KB 326ms
326ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/7768.0718a59334be7463.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/webpack-e5ffa91f65b47d40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04ee4555b4b3748ec55adf860d7a55c0530a42aeed6b1c234d6cd332f0393ef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"12053-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470de39609134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 9545.705d0bfcdf84c9ee.js Show response
www.dtto.com/_next/static/chunks/ 605 B
594 B 325ms
324ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/9545.705d0bfcdf84c9ee.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/webpack-e5ffa91f65b47d40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e854c7455b2f994fef0fbeb20c2ce9b818188bc485ade17b2ef8009a1817a585

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"25d-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470de49869134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 109ms
24ms Script
application/javascript 108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 19:00:02 GMT
content-encoding: gzip
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 25724
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: MtOYqyqPyC2rV1x99iKNnaIdfq7KBnmo5ooPUw3lZd087UVCmlAQTw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
22ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Nov 2022 01:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3171
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 15 Nov 2022 03:15:54 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 145ms
55ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/main-77553da14d6132da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d686d2f49f1fba79a674b60c9d0a407df8422f81257bf4003e728be85fbec9e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27313
x-xss-protection: 0
server: sffe
etag: "1392 / 592 of 1000 / last-modified: 1668467156"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Nov 2022 02:08:45 GMT

GET
H3 200 locale-en-US.ebeb81820bf8a029.js Show response
www.dtto.com/_next/static/chunks/ 219 KB
56 KB 619ms
619ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/locale-en-US.ebeb81820bf8a029.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/webpack-e5ffa91f65b47d40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01ac1cd9c642896c4eeea5ff222b75e35aea5e616cab38f1887be300aff2fe8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"36abd-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470de89d49134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 827de0e8-01a9-4b9d-884d-913249ba01a2 Show response
www.dtto.com/service/api/v2/polls/ 530 B
615 B 346ms
345ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/api/v2/polls/827de0e8-01a9-4b9d-884d-913249ba01a2

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15adb2599a55543c8f045b678612eeac27e8ed0b9918a6d7c2cfb872b9505b91

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"gp-294-AA61D191"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, s-maxage=1200
cf-ray: 76a470deca1e9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc-trace-id: cbf525547365705d0d5ea56b290fccae

GET
H3 200 e8b9ed0c-c3cd-483c-82e7-3155f669bed8 Show response
www.dtto.com/service/api/v2/polls/ 591 B
612 B 337ms
336ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/api/v2/polls/e8b9ed0c-c3cd-483c-82e7-3155f669bed8

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eb426bd2df92dd9fc6146fa3972ae23947ffcf0fd1630dfc8df5182e5ccc828

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"gp-354-63903A67"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, s-maxage=1200
cf-ray: 76a470deca229134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc-trace-id: a20b2631044f865639f0a93f422fe8ff

GET
H3 200 fdb14d1d-3fb0-4c75-876b-edc803a9809c Show response
www.dtto.com/service/api/v2/polls/ 925 B
877 B 330ms
329ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/api/v2/polls/fdb14d1d-3fb0-4c75-876b-edc803a9809c

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

609391ffb78e68c288f29447805c789be7d52d5b36a4e3833e8d1e2a08dcbe40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"gp-689-D35E6F75"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, s-maxage=1200
cf-ray: 76a470deca239134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc-trace-id: 883c8f9e563ecc57f24a5458637b7d8e

GET
H3 200 1f15e73f-2ff3-4257-bb46-375b493af417 Show response
www.dtto.com/service/api/v2/polls/ 521 B
630 B 333ms
332ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/api/v2/polls/1f15e73f-2ff3-4257-bb46-375b493af417

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d0acfeda533af73b33d2094a02964dc3079a7d771304d4d780ac5372500926

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"gp-309-B3B037B7"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, s-maxage=1200
cf-ray: 76a470deca269134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc-trace-id: 873f5f28537cb501098ea1bbfd35614f

GET
H3 200 extensions Show response
www.dtto.com/service/mercury/v2/posts/ 10 KB
4 KB 386ms
385ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/mercury/v2/posts/extensions?forumAlias=all&noHawkeye=false&listType=popular&platform=web&country=JP&excludeTypes=adMopub&excludeTypes=feedYarsys&excludeTypes=keyword

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eba3346938e201171b22dc5038405297e54e0d3247efc5fda6fffa878a1fbc87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 02:08:46 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
cache-control: public, max-age=300, s-maxage=300
cf-ray: 76a470deca2a9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc-trace-id: 363fb65927f6626482102f27add28210

POST
H3 204 rum Show response
www.dtto.com/cdn-cgi/ 0
139 B 31ms
28ms XHR
text/plain 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/cdn-cgi/rum?

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.dtto.com/f
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type: application/json

Response headers

date: Tue, 15 Nov 2022 02:08:45 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.dtto.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 76a470df0a6b9134-FRA

GET
H3 200 entries Show response
www.dtto.com/service/api/v2/bookmark/ 2 B
274 B 336ms
336ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/api/v2/bookmark/entries?country=JP

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 02:08:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-store
accept-ranges: bytes
cf-ray: 76a470df0a6e9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
dc-trace-id: de738c1bff6ec5bf63229e846b89d1ef

GET
H3 200 GetHead Show response
www.dtto.com/service/api/v2/popularForums/ 74 B
383 B 329ms
328ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/api/v2/popularForums/GetHead?listKey=popularForums

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6555dc661b39db95fa7646e32a6f9010178c1dd012c2157d017b08a26c06405c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dtto.com/f
accept-language: de-DE,de;q=0.9
x-cache-proxy: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 02:01:25 GMT
server: cloudflare
content-encoding: br
x-cache-ttl-seconds: 159
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
cf-ray: 76a470df0a709134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc-trace-id: 7f6df9e5077584949fb6bfcf657191fb

GET
H3 200 forums Show response
www.dtto.com/service/api/v2/ 979 KB
139 KB 951ms
951ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/api/v2/forums?nsfw=true&withPostListExcludeForums=true

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88edee81704b21b8e047f9b3b80498f4f970c6077fac356be4eaa82813d5b4d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"f4cfe-7WwM5uBH9PBqTBb1ZasYYETsLzc"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, s-maxage=1200
cf-ray: 76a470df1a839134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc-trace-id: 621a172a329db81714c90a88ecffbf95

GET
H2 200 configs Show response
bilanx.dtto.com/v1/ 140 B
268 B 352ms
330ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bilanx.dtto.com/v1/configs?appPlatform=web&appVersion=web%201.929.0&deviceId=bfaaf45c-03c1-447c-b0ef-555827c80881&deviceLanguage=en-US&manufacturer=&memberId=0&model=Chrome%20107.0.5304.110&osVersion=Windows%2010&privateMode=off&productName=Dtto&serviceRegion=JP

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1ccd0e346a2a2aebc5025d7ce99fb1d410deb362c98c0357d3e1d21e26d3568

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.dtto.com
cache-control: private, max-age=600
access-control-allow-credentials: true
cf-ray: 76a470df4d749c06-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 tags Show response
www.dtto.com/service/tagging/v2/ 46 B
320 B 354ms
354ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/tagging/v2/tags?deviceId=bfaaf45c-03c1-447c-b0ef-555827c80881

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e80ae8049baa987b0716119b1ee1d6aa0e3b1703e7ba9c608b5da76042194217

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
etag: W/"1j73il8"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, s-maxage=1200
accept-ranges: bytes
cf-ray: 76a470df2a979134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46
dc-trace-id: f2bd99bffb4bffbbc4e8699a0bcb6068

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 88ms
29ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 15 Nov 2022 02:08:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 8rX/molBetdu29pReVPFgrMWhE5ttKdSVTAqjb0U1Q57YzHTnctg8tv5O2iW9i4Ow8dlGMx5NWz2BsdGG0AX7w==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/308894543/ 2 KB
1 KB 102ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/308894543/?random=1668478125977&cv=11&fst=1668478125977&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.dtto.com%2Ff&tiba=Dtto%20%7C%20Social%20media%20platform%20for%20college%20students&auid=1638837687.1668478126&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5T9HQL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9562b3f6c3d21163fb20ba2c524c6b7c9852078b88bf28175c32613a8c05f292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lt.js Show response
d.line-scdn.net/n/line_tag/public/release/v1/ 32 KB
10 KB 480ms
23ms Script
application/javascript 88.221.169.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

88.221.169.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-169-95.deploy.static.akamaitechnologies.com

Software

VOS /

Resource Hash

55f08f65f3314322d257398acd659ae0bb102e65f62ee5c26daece91d36102d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id: xG2bLtYcgni9PQUkNMNLAJCPbjpLKwo
strict-transport-security: max-age=15768000
content-encoding: gzip
date: Tue, 15 Nov 2022 02:08:46 GMT
x-amz-request-id: tx0000000000000c741a820-0063358363-f4bc21a-jp2
x-amz-storage-class: STANDARD
content-length: 9936
last-modified: Thu, 29 Sep 2022 11:35:53 GMT
server: VOS
etag: "f5e85abfa8f22916484679466fdf5758"
vary: Accept-Encoding
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: public, max-age=27509289
accept-ranges: bytes
expires: Fri, 29 Sep 2023 11:36:55 GMT

GET
H2 200 oct.js Show response
static.ads-twitter.com/ 56 KB
15 KB 172ms
22ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/oct.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5T9HQL
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100093-IAD, cache-hhn11560-HHN

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
66 KB 85ms
40ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CEXCPM63ZK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5T9HQL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e3c4ffc7667e0c48b0d59757af39452615ffed9c10d822f60ed55df5c5d7897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67465
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Nov 2022 02:08:46 GMT

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/4c22324c-0c01-4c7e-8010-8ac0906b8dd4/
Redirect Chain

https://megapx.dcard.tw/v1/images/4c22324c-0c01-4c7e-8010-8ac0906b8dd4/responsive?width=16
https://megapx-assets.dcard.tw/images/4c22324c-0c01-4c7e-8010-8ac0906b8dd4/160.webp

1 KB
1 KB

903ms
850ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/4c22324c-0c01-4c7e-8010-8ac0906b8dd4/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 66d8ed167cc299575192559b75eb144c1e9ddbfb2fab3030e7dd338dee25a199

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdt5UIAc21RzmtieqdO-yS43WCMCLvxXDPA0ggCfcXSls7UMBk8RcO3LXvaoeV8sQrC4LqrxHYSlt9n_Q4KuGicCzw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1428
last-modified: Wed, 21 Sep 2022 05:50:42 GMT
server: UploadServer
etag: "017183796941a79f7a5ff40658458d0d"
x-goog-generation: 1663739442405238
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=eV0ElA==, md5=AXGDeWlBp596X/QGWEWNDQ==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1428
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-4f23644d164269c8ddb7e93c620ff276-7d1812c1d422dd6c-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/4c22324c-0c01-4c7e-8010-8ac0906b8dd4/160.webp
cache-control: no-store
cf-ray: 76a470dfafa4697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: 4f23644d164269c8ddb7e93c620ff276

GET
H2 200 4lKsONxb.jpg
imgur.dcard.tw/ 6 KB
7 KB 174ms
119ms Image
image/jpeg 2606:4700::6810:cc3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgur.dcard.tw/4lKsONxb.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:cc3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e46a3b74f97cf7e8ee02e26b53097e99896c6305082c843eef68f993377db947

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6555
x-served-by: cache-iad-kcgs7200160-IAD, cache-fra-eddf8230086-FRA
last-modified: Tue, 01 Nov 2022 01:06:47 GMT
server: cloudflare
x-timer: S1668478126.140792,VS0,VE1
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76a470dfde0d6963-FRA
x-cf-err: sbtl
x-cache-hits: 5, 1

GET
H2 200 Km0sz3Qb.jpg
imgur.dcard.tw/ 10 KB
10 KB 256ms
202ms Image
image/jpeg 2606:4700::6810:cc3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgur.dcard.tw/Km0sz3Qb.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:cc3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d86cdb66005e137bf5ce1ab5021948978ba07e3e5521e07b4b1fe43815355b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9839
x-served-by: cache-iad-kcgs7200148-IAD, cache-fra-eddf8230073-FRA
last-modified: Fri, 11 Nov 2022 05:54:31 GMT
server: cloudflare
x-timer: S1668478126.123901,VS0,VE108
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76a470dfde0e6963-FRA
x-cf-err: sbtl
x-cache-hits: 7, 0

GET
H2 200 0y5cEkUb.jpg
imgur.dcard.tw/ 5 KB
6 KB 241ms
187ms Image
image/jpeg 2606:4700::6810:cc3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgur.dcard.tw/0y5cEkUb.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:cc3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e913166ca1ae2d518ca5d5cfdda8a9a7f58c7cf7dfe3e794186c3bb47b2baccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5583
x-served-by: cache-iad-kjyo7100077-IAD, cache-fra-eddf8230022-FRA
last-modified: Sun, 13 Nov 2022 17:01:39 GMT
server: cloudflare
x-timer: S1668478126.124031,VS0,VE93
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76a470dfde106963-FRA
x-cf-err: sbtl
x-cache-hits: 5, 0

GET
H2 200 XIwaBFnb.jpg
imgur.dcard.tw/ 11 KB
11 KB 259ms
205ms Image
image/jpeg 2606:4700::6810:cc3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgur.dcard.tw/XIwaBFnb.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:cc3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73b17e5622c277226f400ebdff58792fb1e1710dde3d66199fd21ff46f65a37a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11244
x-served-by: cache-iad-kiad7000158-IAD, cache-fra-eddf8230058-FRA
last-modified: Mon, 14 Nov 2022 08:41:42 GMT
server: cloudflare
x-timer: S1668478126.146351,VS0,VE88
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76a470dfde0a6963-FRA
x-cf-err: sbtl
x-cache-hits: 4, 0

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/88867546-d137-49d4-b024-ed82985b56d1/
Redirect Chain

https://megapx.dcard.tw/v1/images/88867546-d137-49d4-b024-ed82985b56d1/responsive?width=16
https://megapx-assets.dcard.tw/images/88867546-d137-49d4-b024-ed82985b56d1/160.webp

5 KB
5 KB

923ms
870ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/88867546-d137-49d4-b024-ed82985b56d1/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0561b5c2990866d43897d2b2b70170c30904c4dcb45cde18ea86bcc4b5200823

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdsC44DqO--tHwk7D1jOxdA-2W-5ka0qUjVg5nn7Jv8JO85zSyBoN8Wzdqma6T-z5YP_WwPM0Ffh3SfFtqFahPWDEYW_SrgN
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5442
last-modified: Wed, 09 Nov 2022 04:11:54 GMT
server: UploadServer
etag: "4b32180e02e97219f6399c8a0a999648"
x-goog-generation: 1667967114002226
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=+kqRPg==, md5=SzIYDgLpchn2OZyKCpmWSA==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 5442
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:46 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-50dbe283cfeea72bde2895f27d837a09-6d6b184ce6dc99ab-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/88867546-d137-49d4-b024-ed82985b56d1/160.webp
cache-control: no-store
cf-ray: 76a470dfafa1697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: 50dbe283cfeea72bde2895f27d837a09

GET
H2 200 oJYl3Bvb.jpg
imgur.dcard.tw/ 10 KB
11 KB 234ms
181ms Image
image/jpeg 2606:4700::6810:cc3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgur.dcard.tw/oJYl3Bvb.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:cc3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4183df159403f4b434fe94d3243ed902206fabc033653a37d95a23e71c2c9c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10628
x-served-by: cache-iad-kjyo7100120-IAD, cache-fra-eddf8230108-FRA
last-modified: Mon, 14 Nov 2022 14:33:56 GMT
server: cloudflare
x-timer: S1668478126.121895,VS0,VE88
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76a470dfde116963-FRA
x-cf-err: sbtl
x-cache-hits: 4, 0

GET
H2 200 QsyCKLAb.jpg
imgur.dcard.tw/ 3 KB
3 KB 266ms
221ms Image
image/jpeg 2606:4700::6810:cc3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgur.dcard.tw/QsyCKLAb.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:cc3a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

236692fe82b633b9dad49d74163cf61b8b288d7f9297d92b019e2e0490ab90fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3061
x-served-by: cache-iad-kcgs7200030-IAD, cache-fra-eddf8230119-FRA
last-modified: Mon, 14 Nov 2022 12:14:28 GMT
server: cloudflare
x-timer: S1668478126.127282,VS0,VE99
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 76a470dfde0c6963-FRA
x-cf-err: sbtl
x-cache-hits: 4, 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 71ms
27ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=256374848&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dtto.com%2Ff&dp=%2Ff&ul=en-us&de=UTF-8&dt=Dtto%20%7C%20Social%20media%20platform%20for%20college%20students&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=585370120&gjid=729341965&cid=209539654.1668478126&tid=UA-192447637-1&_gid=590510724.1668478126&_r=1&cd5=false&z=1207625375

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dtto.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dtto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
191 B 28ms
27ms Image
text/plain 108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=33827916&cs_it=b3&cv=3.8.0.210223&ns__t=1668478126008&ns_c=UTF-8&c7=https%3A%2F%2Fwww.dtto.com%2Ff&c8=Dtto%20%7C%20Social%20media%20platform%20for%20college%20students&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: idYF2XD9NaJzTyvOfJW9PPp8ILdaOjvdw8urU1WW_esej4y5sq2cuQ==
x-cache: Miss from cloudfront

GET
H3 200 pubads_impl_2022111001.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 01:11:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132474
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 09:36:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 13 Nov 2023 01:11:47 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 65 B
80 B 81ms
30ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dtto.com

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af4623890dd7d43707b59a445c5ec22ed45234d6494896cda1ba286eb65635cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56
x-xss-protection: 0
expires: Tue, 15 Nov 2022 02:08:46 GMT

GET
H3 200 875687383061624 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 47ms
23ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/875687383061624?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7cdc9a26303e7b0585259640b9c06a824fdec46746a4802b4cc4dde22c3f3dd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 15 Nov 2022 02:08:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86024
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: T5VJQjMEAkGtS/SEW5AL8yUniENKl37OQ+Qq+rlyOfFFOPMx8FBy3aeDy+i0A/IOVAX8mUj1MeAl4pXPBzxcmw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/308894543/ 42 B
548 B 86ms
34ms Image
image/gif 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/308894543/?random=1668478125977&cv=11&fst=1668477600000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.dtto.com%2Ff&tiba=Dtto%20%7C%20Social%20media%20platform%20for%20college%20students&fmt=3&is_vtc=1&random=1743460600&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/308894543/ 42 B
548 B 98ms
32ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/308894543/?random=1668478125977&cv=11&fst=1668477600000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.dtto.com%2Ff&tiba=Dtto%20%7C%20Social%20media%20platform%20for%20college%20students&fmt=3&is_vtc=1&random=1743460600&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:46 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
345 B 86ms
34ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CEXCPM63ZK&gtm=2oeb90&_p=256374848&cid=209539654.1668478126&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668478126&sct=1&seg=0&dl=https%3A%2F%2Fwww.dtto.com%2Ff&dt=Dtto%20%7C%20Social%20media%20platform%20for%20college%20students&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CEXCPM63ZK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dtto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 d3798926e6d09035.css
www.dtto.com/_next/static/css/ 926 B
702 B 375ms
373ms Stylesheet
text/css 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/css/d3798926e6d09035.css

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/webpack-e5ffa91f65b47d40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d02c6bffcc569989a414c4948fcde02486056854bcf5fdbbb4a2e66ba029be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"39e-18475c54f40"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470e07c039134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 1950.13ed6ed24be5fe29.js Show response
www.dtto.com/_next/static/chunks/ 17 KB
4 KB 365ms
365ms Script
application/javascript 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/chunks/1950.13ed6ed24be5fe29.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/webpack-e5ffa91f65b47d40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88cb1d117f75cfe109f18e7f3c69007756ef23ddf2570ff32b3605997c73de5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"4556-18475c54f40"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470e07c049134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 96ms
29ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.dtto.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 91ms
30ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dtto.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 500ms
500ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=485506711188665&correlator=3913100238134399&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fifs&iu_parts=146730420%2CDtto-Desktop-Right-1st&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=4226079873&sfv=1-0-40&prev_scp=forumAlias%3Dall&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1668478126211&lmt=1668478123&dlt=1668478123784&idt=2380&adxs=1120&adys=68&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.dtto.com%2Ff&frm=20&vis=1&psz=300x250&msz=300x-1&fws=516&ohw=1600&ga_vid=209539654.1668478126&ga_sid=1668478126&ga_hid=256374848&ga_fc=true

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b43d4d1220e49b70af1e3d4053ce95b681382705c4412d920993105e855b666a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9992
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dtto.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
11 KB 465ms
464ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=485506711188665&correlator=4129480946539799&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fifs&iu_parts=146730420%2CDtto-Desktop-Right-2nd&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=2&adks=966054133&sfv=1-0-40&prev_scp=forumAlias%3Dall&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1668478126220&lmt=1668478123&dlt=1668478123784&idt=2380&adxs=1120&adys=328&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.dtto.com%2Ff&frm=20&vis=1&psz=300x250&msz=300x-1&fws=516&ohw=1600&ga_vid=209539654.1668478126&ga_sid=1668478126&ga_hid=256374848&ga_fc=true

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac3eaa0a0962c0f7585b7616224752270f7ee5835d1c75975f1f36f6347dab92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11182
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dtto.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 521ms
520ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=485506711188665&correlator=397609353716768&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fifs&iu_parts=146730420%2CDtto-Desktop-Right-3rd&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=3&adks=3364725108&sfv=1-0-40&prev_scp=forumAlias%3Dall&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1668478126225&lmt=1668478123&dlt=1668478123784&idt=2380&adxs=1120&adys=588&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.dtto.com%2Ff&frm=20&vis=1&psz=300x600&msz=300x-1&fws=516&ohw=1600&ga_vid=209539654.1668478126&ga_sid=1668478126&ga_hid=256374848&ga_fc=true

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c90bd973efce28582a3be2ee899dd759de13a81e4a19457949397b3d7c476153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13290
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dtto.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 95ms
37ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111001&st=env

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d56d6ab9442a14f273b082897620fbe5b9c763a9e8b1c3dd29f55297cda48fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11174
x-xss-protection: 0

GET
H2 200 container.html Show response
7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EEDF 6 KB
3 KB 137ms
29ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dtto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 02:08:46 GMT
expires: Wed, 15 Nov 2023 02:08:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adsct
t.co/i/ 43 B
378 B 181ms
124ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=1&eci=1&event_id=d0879719-aa2e-4fde-a901-ff9523a5cacc&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3524a86a-1144-4600-b213-b1e2feef7395&tw_document_href=https%3A%2F%2Fwww.dtto.com%2Ff&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7ngn&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 102
date: Tue, 15 Nov 2022 02:08:45 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 217725b802747837
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 33b8f33b80cd0154c43b7775cb14390e17ddc5b3fd845b2aeb6c42bf0c5c24f7
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
397 B 355ms
129ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=d0879719-aa2e-4fde-a901-ff9523a5cacc&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3524a86a-1144-4600-b213-b1e2feef7395&tw_document_href=https%3A%2F%2Fwww.dtto.com%2Ff&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7ngn&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-response-time: 108
date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9b240f633886910d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f9d5701e39a4bad5769e89883c8e474915a4e6ba2f485d46b57cd63798833f83
content-length: 43

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 73ms
21ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=875687383061624&ev=PageView&dl=https%3A%2F%2Fwww.dtto.com%2Ff&rl=&if=false&ts=1668478126257&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668478126256.1284218175&it=1668478126064&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 15 Nov 2022 02:08:46 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 KFOlCnqEu92Fr1MmEU9vAA.woff
fonts.gstatic.com/s/roboto/v30/ 64 KB
64 KB 21ms
21ms Font
font/woff 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9vAA.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f838c807ff9fffa19ef81e9ba11530361339b32d8243c273baf687bd8118126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dtto.com/
Origin: https://www.dtto.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 04:00:51 GMT
x-content-type-options: nosniff
age: 338875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65756
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 04:00:51 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 107ms
38ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 02:08:46 GMT

POST
H3 201 sessions Show response
bilanx.dtto.com/v1/ 81 B
282 B 311ms
310ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bilanx.dtto.com/v1/sessions

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fdb586d912921f1b0f9e70f27085c7a4591a5db166acbf2e288a057f895cfcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dtto.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.dtto.com
access-control-allow-credentials: true
cf-ray: 76a470e1fe099134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81

POST
H3 201 sessions Show response
bilanx.dtto.com/v1/ 81 B
282 B 329ms
329ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bilanx.dtto.com/v1/sessions

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38d911dfbecf6d52b9721e8b84f0f17e313a35f47a0f1b7f4cda8766cd12113c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dtto.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.dtto.com
access-control-allow-credentials: true
cf-ray: 76a470e1fe0f9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81

GET
H3 200 banners Show response
www.dtto.com/service/carousel/v3/forums/all/ 1 KB
910 B 415ms
414ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/carousel/v3/forums/all/banners?rank=0&country=JP&platform=web&type=htmlOrImage

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f72859eb21f2215922e5b7d39f67f663613c672c3d9747887b16ae3bb8e77e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dtto.com/f
X-HAWKEYE-TAGS: {"b":"","c":"","g":"","s":"","t":""}
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 02:08:46 GMT
server: cloudflare
content-encoding: br
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, s-maxage=1200
cf-ray: 76a470e20e1c9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc-trace-id: 46389015b230ac701cbf63d1913d927f

GET
H3 200 items Show response
www.dtto.com/service/hawkeye/v2/hawkeye/ 72 B
393 B 662ms
660ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/hawkeye/v2/hawkeye/items?id=bfaaf45c-03c1-447c-b0ef-555827c80881&key=paging&position=all&detail=popular&enrich=true

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

441b7c57ec8279421e0f613423cac619a7e16f0b729849ded7feea7bc01d622e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dtto.com/f
X-HAWKEYE-TAGS: {"b":"","c":"","g":"","s":"","t":""}
accept-language: de-DE,de;q=0.9
request-through-cf: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"d7ed7f58"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, s-maxage=1200
server-timing: cf-q-config;dur=6.0000020312145e-06
x-worker-retries: 1
cf-ray: 76a470e20e1f9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc-trace-id: 56e92282d72fc91ea2baa792f4ad4d02

GET
H3 200 operations Show response
www.dtto.com/service/hawkeye/v2/hawkeye/widgets/ 14 B
373 B 565ms
564ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/hawkeye/v2/hawkeye/widgets/operations?id=bfaaf45c-03c1-447c-b0ef-555827c80881&key=paging&position=all&detail=popular&enrich=true

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f116ce064296bb68f5adc78f16e0298efd4a0db15077406976147f6ce69a5b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dtto.com/f
X-HAWKEYE-TAGS: {"b":"","c":"","g":"","s":"","t":""}
accept-language: de-DE,de;q=0.9
request-through-cf: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
server-timing: cf-q-config;dur=5.9999947552569e-06
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14
dc-trace-id: 6bba39b78b9cbc86c94bbf6dc6ee5108
x-cfworker-status: hawkeye:200
pragma: no-cache
last-modified: Tue, 15 Nov 2022 02:08:46 GMT
server: cloudflare
x-cfworker: hawkeye-workers
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-store
accept-ranges: bytes
cf-ray: 76a470e20e229134-FRA

GET
H3 200 keywords Show response
www.dtto.com/service/api/v2/search/ 3 B
295 B 406ms
405ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/api/v2/search/keywords?forum=all&country=JP

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dtto.com/f
accept-language: de-DE,de;q=0.9
request-through-cf: true
x-cache-proxy: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 01:33:51 GMT
server: cloudflare
x-cache-status: MISS
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 76a470e24e6c9134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3
dc-trace-id: ee93edbc7954fe2508f83f3eb93cc791

GET
H3 200 JP Show response
www.dtto.com/service/api/v2/selections/forums/ 2 KB
1 KB 2150ms
2148ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/api/v2/selections/forums/JP?sensitiveSelection=true

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac0bfe0a4791013f6e54a77dc75009eab60aceded9041f6fc3a6396f75af809

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dtto.com/f
accept-language: de-DE,de;q=0.9
request-through-cf: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"6c13435d"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
server-timing: cf-q-config;dur=6.0000020312145e-06
cf-ray: 76a470e25e769134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc-trace-id: c60b58a7155de0bd606f9918c54373c0

GET
H3 200 GetPage Show response
www.dtto.com/service/api/v2/popularForums/ 11 KB
7 KB 338ms
337ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/api/v2/popularForums/GetPage?pageKey=c0dfa481-11b6-47ff-b53e-9e949f9cad33

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4de08e9e4f7fe504bf180386c75f7f12b2e2b852fc6f003d282874bb8018d0a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dtto.com/f
accept-language: de-DE,de;q=0.9
request-through-cf: true
x-cache-proxy: true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 02:01:25 GMT
server: cloudflare
content-encoding: br
x-cache-ttl-seconds: 159
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=300
cf-ray: 76a470e26e839134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc-trace-id: fb151352f9f1b08ae498b5cc3a1bac4e

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B62B 13 KB
5 KB 74ms
27ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dtto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 23:21:35 GMT
expires: Tue, 14 Nov 2023 23:21:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 36F5 783 B
535 B 84ms
31ms Document
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

694bec05ec8bd849c918c72fc562f0a846088a6dada5df02de7dd3a2ac2eb786

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rsuzg2Hltyk15h3Bol1XwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dtto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-Rsuzg2Hltyk15h3Bol1XwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 02:08:46 GMT
expires: Tue, 15 Nov 2022 02:08:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 1124ms
265ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=7b848c81-44c5-4e8f-8ccb-26e55561342c&b_u=https%3A%2F%2Fwww.dtto.com%2Ff&b_d=www.dtto.com&b_p=%2Ff&b_t=Dtto%20%7C%20Social%20media%20platform%20for%20college%20students&c_t=lap&t_id=57146b7b-0037-4fdd-9cb4-64af131ad951&s_id=ff1e31ce-edf9ed71&x4=1&e=pv&v=3.2.0&_t=1668478126479
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 15 Nov 2022 02:08:47 GMT
Cache-Control: private, no-store, no-cache, must-revalidate
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame B62B 36 KB
16 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 17:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 17:47:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 36F5 0
0 87ms
54ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111001&jk=485506711188665&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame F5FA 221 KB
61 KB 153ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 28793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame F5FA 14 KB
5 KB 186ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 28793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame F5FA 94 KB
28 KB 188ms
55ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 28793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame F5FA 5 KB
2 KB 207ms
74ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 28793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame F5FA 40 KB
13 KB 200ms
68ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 14 Nov 2022 18:08:53 GMT
age: 28793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 14 Nov 2023 18:08:53 GMT

GET
DATA 200
OK truncated
/ Frame F5FA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0a4e38e6642c9ceff6bf2ffe36a92930ffa5089bdbfc4e442890a6d11fd04e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 12165211899370880161
tpc.googlesyndication.com/simgad/ Frame F5FA 38 KB
38 KB 28ms
28ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12165211899370880161?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkqhDuNeT1tZ9Y34BYrJu4S-GVk-Q

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0afedc954bed8cbef25bec4ca8491308683dbba69b2bcdb9d21cb4c1b6c700a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 02:57:40 GMT
x-content-type-options: nosniff
age: 429066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39248
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:29:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Nov 2023 02:57:40 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F5FA 3 KB
3 KB 34ms
33ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 20:27:17 GMT
x-content-type-options: nosniff
server: cafe
age: 20489
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 15 Nov 2022 20:27:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F5FA 344 B
368 B 32ms
32ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:22:22 GMT
x-content-type-options: nosniff
server: cafe
age: 56784
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 15 Nov 2022 10:22:22 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F5FA 0
0 31ms
30ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDMFFokiAQSjD_uQfFrGviqXm0C86ww7I8nfGgmbcO-YJk2D1IvFi6-Kg0k7uQgRj5BpLqZzCVQsaC7uWaDqYyTeNmIg
Requested by: Host: www.dtto.com
URL: https://www.dtto.com/f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F5FA 0
0 70ms
69ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CiuaCrvRyY4yfEYaC3wP_hKegCdnuoKtt84Thq_oQv-iivcABEAEg9OjxHmCVypmCrAegAZ7b-8kDyAECqQLAeGZwSV-xPuACAKgDAcgDCKoElQJP0LZ5u3gzRgHs8WXzvdieNMsIsyoq6D9vgY9wZhpacAvxmwUKxHoCvfo5AbHGxokAXquVF6xnGk2QsQ1h7BAGswZ60v-IZYtGuTGk5aiaOmFhBlh1bb1rMsxl5yZkoGvO9kLleSIA4M-DdEoPzXu_MJlqwo0IXHqJXU4OVLH4bkN1TeaFjzKNq2GMEfUz4v4i80iMM8nPdD1gnZmsgi34g24Mo5pX4AtfJYiFJqUW_zKyAwqntqS_F9I-1glnkWnXWpt9kJfHHh0dmLUgsvR-v4qcZ-Q7YnmdZKhrOb7L7d-x83kqJ69DiUSiX8dEJgTnuqPKftoTpZmQLitI-HsLF0J0HUJnM2NsEhg_Wb5WUEtwcv72wASG04bFpATgBAGSBQQIBBgBkgUECAUYBKAGAoAHyqSENqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPW4C9IIEQiA4YAQEAEYHTICqgI6AoBAgAoByAsB2BMN0BUBgBcBshceChwIABIUcHViLTY0OTEzMjk5NDkzNTY3MjQYhN4a&sigh=GkwDxapYTZU&uach_m=[UACH]&cid=CAQSOwDq26N9VcGSk8ENpl5eoNqzsml4f6WHy8mNrRZ28MRTkkZsQo4echhCNoTf_um-oeixvtaRi7cqlesIGAEgEw
Requested by: Host: www.dtto.com
URL: https://www.dtto.com/f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

POST
H3 202 events
bilanx.dtto.com/v1/ 0
0 311ms
310ms Ping
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bilanx.dtto.com/v1/events
Requested by: Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dtto.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

POST
H3 202 events
bilanx.dtto.com/v1/ 0
0 309ms
308ms Ping
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bilanx.dtto.com/v1/events
Requested by: Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dtto.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

GET
H3 200 container.html Show response
7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2159 6 KB
3 KB 81ms
24ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dtto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 02:08:46 GMT
expires: Wed, 15 Nov 2023 02:08:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A31F 6 KB
3 KB 56ms
22ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dtto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 02:08:46 GMT
expires: Wed, 15 Nov 2023 02:08:46 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 12F0 0
18 B 46ms
21ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.dtto.com
Referer: https://www.dtto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.dtto.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 02:08:46 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B62B 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_Pb24A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 287a41e514e41e59.css
www.dtto.com/_next/static/css/ 769 B
671 B 349ms
349ms Stylesheet
text/css 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/_next/static/css/287a41e514e41e59.css

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/webpack-e5ffa91f65b47d40.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51d57a6cb474d30a384503f9489427d08c688ca40e0ea37f31706d81486d9d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 10:52:56 GMT
server: cloudflare
content-encoding: br
etag: W/"301-18475c54f40"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 76a470e4d9279134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3AD9 624 B
242 B 46ms
45ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGMGtoNcBMAE&v=APEucNUj540bCJZBF-4Fu1eTQgBp-ntIyjsHHQau0yXs9SieR6ShGlGKknVK9sxVH-X3e000w_ZBhI_R_dw0mluiiwqn0SlFTpfZH1LSyyG1pZN9Moo4l3iD6YAwqA-XClkn4DG6jl8UJnhaPwBT6_MKe60ldNMzBhgra7oZLkPoaQ22t5bn55c

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 02:08:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A31F 15 KB
11 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dgl_Ny8RV7v3RN3kR-9BKgVZgUMXYwZhkIQ4VjGbzuXeBr9xG9e3Gdxvl8muxaS-pSV-uo7CjOXtDjpvtH8ycDr2sXF90ChNeGlm9PiHy0QpH7LIjTZdzcnnJXl1T0rJFvofXo58OdF1YQiBQlld5KT2TTpsyv4lBVkdKHmQqLkKScYB0&cry=1&dbm_d=AKAmf-CVxRfG8-ZS2hfeQW1HXfNUCLfDYdC0eFgPuQ-bKoPHN315hihsSWxRKuK1U5OxZfkpd1oLWKrJU56re4sGlEvVJeRKynuRaKuvMGPQnhWOGDXdsvv6hCZnj_qcsSx_-wk_iBgwm3ff4qzoelIflCbHW5rqGVlHUVJpQxp71QjOYQVV_44zuHxUo3LItkCMYiBv_fOsi5ToESoF3WuJ3ct38ujQA-q6oXGrSFt9VVzqSOT4VNJYm9Gq3n15f-_ocimDg4CyL7hjyrz2u_K9ydOnZuMgwqfNge5fbJLvEWrCurlf3g4zwN1OoQOs4I_pnp04qOAGJXFJP-s5DHxVjv0-mrA9DcrJL4dZxzZFgu-G8F8i3tTavceayYsQ7qx8cdMItCM37hGEXHykBHHvkyFyeCxXvIpnJPcPQKp-pzju6dA_zfs5Gl5CLQsJkL9hpDPIEsDDs2W4xiiA16QhkkRH9GvMEzB5DuiuaQGo6pamvfYBYZhtNmciGqrMwE8-93kvpsB8cLBSSD96numzk2-w_xlUgVl80op85Rt5ycxRzBUG8DSjYsiIty79TvRGx2oTwyv8LWx8bUKXAkW5o0gCovRVEg77Hfr3TEBaubXDdiiLAqxRJP4X8C_iKl9z-WkgD4ihG5Oe7p7FSNdkxSNvctc3Hr-M-bxZhjnUORfQ4JrrDDVu4nrLmQry7MAM_IaFDJFbJYop4CJfVEkPIK7YlZWu8YqtDEIikpIY8wKN0PfRXgNIpusz2JsqUk9DC5FvUqGsHGXVjyLCRGU4NNV4SQ-fWU5sdrtCgdKz6PBCgyIzFq-OYIK86q3TmWYt50YcA7GtRrNH4aGNqMsYwU1sycPNCRKo5PedlBpoEKYjHWQ60t26tPjch3q_oJXe45F91WZI0rsinPgiJOR94XN0Kq0T22wmQg3MTHLxcaCuZ-iEj0khzQEQeJUAuYZjsMEXjUt2S1OWwY3RqDOQmGMxWbODUcAWepb01gfLjrAG-XWTRaEKdYsu6-BE_ooSedpfR29iGyBX91dOAOaEdGgHXxwCfLMsa8Ng_q8ohN6n7po9xydsZMoeI5iko6OPpRK3GDXTuql5wcZLNzn4MTeiICigZHl_qeYvJSRGqs9cqJxNR_4ZgocI30HJdXQ0k0lHKrRwUD_WlRTAPaH8d5EqaB2v6fAfJ4F1VFccTwUWLQB7Wfix7DQYYk6Ia0litytQIH08aGSgb_0OvTyD4OVUFafbiRlFIZKcy3zXlsaXNoWWylAW3mAm8fEC7lfGjQ-cG05ZQvF5m-jnJv6a0KUwZrUeu4kxZ-Oo3CGU2q1vPw3Xd68TeGdQLzSMQYegvCFGEk9yDt217H1gr4d3yJ0Cy8nfW3sR5wJ2osiNtng_CQD507nlu3HrryAX1K2qBrOXVU2OfZ4J0a7reLaSUs7L175gI2Hu9QrZHZH0j9hRYVaieRLGJ-XsNaw5VnKG6O04kCpHiMQ6K87g9vJb9xqJejZMXSSkDhNncqNZRkNJqlHfU_j3vrbzXF244147BM4cTM_hbwYOih_MMk97SRjzxzgHOP2aJ5YerrNdBQ_Ufhp1gROS1x1LQ7_AXqyJoBwofg-x0MUd88rFgRd3aL1FWIyTdwUrwWWl4k3iReLse4n9Ms3dMIegVhSgO6RamHdCtbyGvjebiAVyFfPRIoFNKDc-dMXIj6WeitM8DKSsp312q7M1iY-q93cp84nS2fOeGXEmpRJLPJh8NTqe2JgGvhgQoTKMYUQGAdPVkuEA712Xa1izW2O03zeHesRLlO-qg1Ri_KPsCzhlWnV9WdqFNVn9PkyIt8KAw868Ky7irGqBu5N4yS0hJjfMP7z-RzZsWQuCa6Xs-diUbpwzvIQQ4Ttt-fzPONihUllH0TqchnLdmJCA23aYxQBZnalfjU0sKRuSro5MDgbSY3bCcftW2EEAch2eNWHhPpfgTQ6hyNkXort9HO3fiy9TCMxM-9vz6xyNipFGCTorq89aGw6aUtiNS7R2-8SoLCU7O1H4-G2iRoSXdqY969-kxTq3ayPgP4mbLdCuvulIWY5wZ39TPyI9FSrzBTmUv0OumW6-wrPvbhJn6hl05DdL_C44a6a_1kxj2i0k-q1mkl00bLrfOq7gvcCGJ4wrTtQmvGf_7QFmj_FSW_S2oWJmtFiYDLT_zb2dygWNOOIaIgw__B83Y04-GLNxkFnFGDxhE0t82ZUPIuF-_vyVtj1FdRFfGXIjtmyicU2ixrLAeOhum_5bbDQeYpwMdBCAR6HCUsylNKyKhNQUCFO-TLNUZaZC0cfZ8uRhyb0SLegNbRV8axL8bNHu9eKwxj_6-n2_I7_M5ZE5t48j9pjjP_OAtDh8CVWMdSt26fogWx6LgrQm6hmlpwWJ5RUEzqN5LFhJoWHw92K57ByvweWxcfVV0B9f8e85gXUPWjLngfHjz1-UsKdr6O5blib4P-VESvJ8Q-5MsW75J_glk5J6ZaTEBUfyojN-ytlv7d0XEG7fXI4Bwi2VLDvxOCi_Nb05MF2zjJ51b4xlnjoI4zDkrxcuzUpOrtBckocfo3euiKDFEwbB6l96N-u-z-3Cgr08-QnkCrQgRBDQYDWDLNHJmzIQohWlqAN_gAwBw6bX1_e3e9AfMkjBbY8csnhvhCycskZaB7blm695p51SnNwYz5mSH2T8Mx1TlScOw8-JL4ZsYhIcHzOQSYU2X_vLR2BI1SlmAYYz0JjRzC4ABzuxjw-rtU-uZXDIvwKstzkNUsZNrXx2Bj7KFsm1P_1xsPwG2A32Xud1ybhAPtke_yuUZr1P5NzB-2f9L-pJIavEMH-dEc-8K-aqQnuLHgz86jPAGZkVmtSIjy-KIrlUzEmaAFMg0O4rMd0HoFd3&cid=CAQSOwDq26N9t4I7kr1JSgCzkSihG-cxUbsy4kaA1lxDwTwMlIOfXf7nwAregHgSfEEP6VMMU8jrlsqBDp_YGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.dtto.com%252F%240

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31fd180b4d5812c45a9d2010e1ac4f8968726bb4c4bfe92179b1a9a198c31ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11445
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A31F 42 B
63 B 56ms
55ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BfRkDw-GwFh1VKoIqPe3RBw6OQCWVKoTZrbI5NOuYyzo4R1JDYbwHpkTgoaZnHSscBbTVB-edn59x9mTFBUAG6fm2D_0GLTkrB_L-PFGiHJ_yWz3w

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame A31F 2 KB
1 KB 116ms
21ms Script
application/javascript 2a02:26f0:1700:3::5f65:1ba7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=26643634&cmp=28827339&plc=349943219&sid=5775970&aufilter1=684948642&prr=1&ppid=103&autt=1&auevent=ABAjH0iLaYXAD016282jhP4mXQcn&c1=684948642&auorder=1009024872&aucmp=18338891179&aucrtv=451417793&auxch=1&pltfrm=1&ausite=0&turl=https://www.dtto.com/f&aubndl=&dvregion=0&unit=300x600
Requested by: Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:3::5f65:1ba7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 15 Nov 2022 02:08:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:55:21 GMT
Server: Microsoft-IIS/10.0
ETag: "42b02eb945ecd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame A31F 8 KB
4 KB 115ms
20ms Script
application/javascript 2a02:26f0:1700:3::5f65:1ba7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:3::5f65:1ba7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 15 Nov 2022 02:08:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 09 Nov 2022 10:32:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0fff8d26f4d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A31F 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:46:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 21:46:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A31F 18 KB
7 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 15:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 15:54:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A31F 0
0 41ms
40ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWb45Bp-0fwWrowA6Tl0pNx1SesBhhaZSsyNn059c2fetjgDinSpoIvpbIsLLxlV-sotGz6xQGGv52VdeQeDnktc3k-w
Requested by: Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A31F 154 KB
48 KB 110ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 02:08:47 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 602A 640 B
262 B 35ms
35ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGIetotcBMAE&v=APEucNW05ub5gl0_hLyBRg0qiMfRlZwpHjBySv7sUg3rq-0RERDwPeaTBrRLfxImmRfI9vwqeDr9WbB0wAMwGHIN86nhW1p_OcfOUlStGvHfJaxCamz9kt0RzRtjxi-sTyCTkChMHmwJKULP9ndxqfONEZ1ubGjWNS0l4ToAjPMJaHGBWbd1olI

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 02:08:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2159 82 KB
34 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C1MZJoUa8eJkIcIqnsSr_nU3fERwIKMkoplOJA59lUHw3BTyF9RryJMawlgUng1zfE1wN16-f9GfloGwW_YHye5q0IIA&cry=1&dbm_d=AKAmf-Aj5p-rD-0IZJbbOzSC3As_zcQuqJVu6f1Ehsgos93usViNCYq8xWn72y5VwHSLpil8lezy6yXurjowr_mRXYSwdGO_RVEUxa_y8ZaSHoCDg_jUTMimWPbc4yfs4CH1KseUcorJs-jdcwniBh4r-zDqbQQMDykCJkkHG5pM0-ra3ydiFpuBP0B2LzHJCAOzWSZqnb_-r7-zVJHED_Kv2AFp-Z_Z-7rb-YQGh8RDSN9-LaF2yjdqKRZgKOs5QbqQ3NIRjiMgARNcGXi0UBpaBJLH4uwd_Sw8z3_11oUCVCVhMlJFls207rY7m0x-2u84Ce71mjRg7ERlLx-VmXH8Jdz_eU53pK8Xi5Hor2-6qdB3hL1ceNOOd3YTEtkq16mU_PqRAJMmjbAtzVRv7lslKCfIcjw2Fu_5VmJKTzeRYEcuUPzNx4ZxwiiDhqIXSxWhIDtCc5dtgcTCPqS29OJLsgGqDjB0aoWip7QnssQ9d8BUz5j96scNxIDhRkBiYvMLIrk1M6Cg4YdtUm-PeCfk52LsKHVQ4xeJn5HWWNNBalIroUct92kD4IIftLoZ-N5lkAyXHyVdA3ShI6f4OPLpNavhM35u_66WSXbpToKXeHUqW4tPuEGk7hYA-39MYfJE7hMKWrl33_lykY_rHZCqPYufry4qOJBYlH_oNXZmtdesSoNk8iz3s-EO-1q6PObdBcgFZF5YurrN5tuDzNzcOeCPzgRDNSYwDlvwB4OHOontxZdJ0YkNAJACOPEDGGShG0kREq-sJYBptmYxWFPyIKRpSQTGBAa_bWrJlydNByeZRNaobSb8rCu3UqLW3rY6M8XTUUIoQ4cgr9Up9r81uIrwvTBzVwLC7O69NDMRR5YiOrfdlRS4HCJ2H0Z-idN99n8CwNBqzj_PBEhg0_ewd3EJTLzffQRPuTLy9E6aJNGuQ0YBQoCJG1dl5KUthtp3xX-NNiaFWJGWH7WCzGNLAYFsyyQorWwch-sCedl9seijUlZD-P6tHd9EiJ3D6dqHRrkloDPYewEQUNKoRUbCzQ8JNYsvA9Wch0NQoWuQvWXLfqVH9GNers_Ypy-rxekqfI6QSOizlyYIG2N6Wh39GLtYjBWtbhubGkmEOQvycdljHbv-naGAP-4tAVst6R8xmHXkTM5L_0I7qxZqNxH4bAmakC9R6CnSkOHs2c8vll6VzV7Er5SIbmeEtDdSlw9J_U0rfkGxabEI5oZ2zrwrL25NlSfaizI3CR070I4lA8bNPfK7zcUvdjkC-T9Yjx07zUNd9CutVjwqJTiUoipQPOLSiRwqbYptXuh0ohYqis-CZvcc-_HVJdE5TnEweJh-yp14f-rOMm_yO0IqOG6va7OnQJSnTN4HvW3lRuTKvpgXHnCU5jnhb5O93v0oyl5dVBCT7HpTHpkkOHi1c2A3msg_KgqShvGWAocpjFf001cPzkloooCfsM7fcv9Sq7zUC4vUrizkUActcWsUaVrOeLjMVenp2FefwpebhDGIVRkgVxHc4jrkOe9vavENfNSkMejxcyCyzZtSPOZiFvUkTC4xLu14ezYCkIyoxnvwxP2JLFKeh_1HczSYd5uYtQCugfLOf9mSQ_KuW-g4yczuMs8_u2vcVcqYR_AuLKgNqPd9iAoJHGgEGQMY3XdoXHm02TcVHbYNITSFr1OHQIKx_1kHt8341QFhaGQ_rzcoexYNlMXuVIVOJzfSIwKnSKXbRTKfDOQ89PrLjTbjv5ANQTi4xbkR-pm31sSYlmVc_b_Z-ImsoTOVjMKRaA4Mx7UoStmUduOPQ8qDyOF9mripp967eSroaP6wIcgDZttLrIAnIGeRHk0dw_-fOsR44W2JL344D6rpUv-3YUWOEqIPyNlvAyPmYnGGMIAu3FFZbZIAU-zhH3RLexqE0jNc95XdmMXK2bU9jkqDLr4vB4FQm01QuQmNpoFBB-VCPsBUdmZMCi7SDho19vj9gSx2K0HOS6UBe8gPaqzahUJOnDySYfGbngjrozSQgaMuF9LsSW_dZ9fRgfzqx5UaUyCGh1D_7uGsHfPW4orZkW-Kn_TcHYTXbCa80jFEvOJZ6ZVohH2bLkHkKLotZASk-tTK-Q4y_FoslnQjPzcvy9PNKELfCZwgl98STzFeVaJ_n4dRryhJWeRoqhK82AbmR0HkJ63Dm3fb7nFn07ag3BsFoGpfULvIVULqKjUcpJ74AxyLZhAqmqzX9TO4HZIL5J2qo0odPXjwT5uGTf4lPoZqXiZj2boclGF2fJMhNmJ6C6rpX5LqGUF12ccSF9HSiCezaFJocYCH8QMC2p89gzMAg58zrQtoYeZHMyyzZO8w_fBrjL-RrOLRZJMNfaQK4WfKwfJ5fTc3ibysacwpbg20Jits0ZEXwpTQZWx5iY9vz2uZO1Tf8aZce7VO_J_J-Hjsf5yZzC7ShTTDPXe_VpWOM4-04VSyuscg6E6yOmRG4nr91iNQeMWnS1ojv4W3aK15AFn5AjOa7qpCXvqoHHp_xUlFN1HvBa5hB-Ch2MkEmzLBhcRlAgJivR8cnJHRA5xEAvU8ufMhtUp4_rvcbgFLKp3P9xKoJpD818bCoEpsL30AGBgmdmFUVArte2ctwS02jRUpGQ0kBgMnJNXT3nQ-H-dJxYG3IQfoBfWZUKJHGFx8pxeJYBbDeZqXyDo1tWBD4iawXCQMYSg7RAzJS5RxLU3AABabxediV8cHLky4Y2mZrMHymeIiHilHxkyh5v2Vl5gElca2n0gGAGd2vgxcIjngmTC0ykGxmjvvuKG2FkEiEhVC_1V5vus9kr3bxDqeHGSfjXwJLpn2g3U1UC_xyjCyYw0T-hvlo75sLLvgVuIYZH22x0LGT5Bzo58SL8M5NC974T5pCIY253jrNOJGE-VorlXgx0fJfik6o8I6IP0U3w7ZXHDZLUKcFulrGPIB8o1zsqUwk0qwoBVWAwcRrWg64He2CBUm7W1muT0FYy0hbBQ9-OIjthGr3gcUaGu2YyLkuuMH1EyjpkyINduUQ4aabyGuetXqm4E49qFkkbfJOAunHatl1mzpIMN7w-HwrIljSJwXvJpW8BUB1dUovdWDeK7_qXUBX25foHlzdDFkqN2qgbkjPDcCn1bumQNe4hygAHOmd3RYBXTMAbFQNSJU1MsFUf-TfatCqR7odjGtBJ0KyYGgmF1U6ibXkQdCUJCJRBHOCDcRPZuB8WnK1ElnNKJPa23gYi4_d5_lGGz5SoEvqrecmHEzYaq9W_EQqM41iJQBCSReslIg4wDId0aN9ffKZHUOfkVFNpst6-O8VSaCTpfMvGdBXHKksEfGQ-9K39xcaapp2fdrClKce_6D8yiby2HRI9LwN9P-KxvsvgTf_XJP_KFX8LgpF5wHb3s0sTkVWceySVz2-KopU4M04G2ZzwiDvGjP_7t8JzoDZGCgYsA1o60&cid=CAQSOwDq26N95nv7KnC2D28t1TCxMTLJPPNx9pZFDX3d9LZI5--y82qX52dthsKEhT8K7DBXIgQlNs3FF4AUGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.dtto.com%252F%240

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e527f37125bb009239801a6219cd0205807fadb4973e0eca8f016420250e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34978
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2159 42 B
63 B 57ms
56ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Alow1r6OczmQnwoaAdzUWhHcKjq6P4XpWkocehDAlUzfzfAnjr8817IqWcYKvx5QRbYKb3LrkaCkqbO-MsnuSkyArxw5vpMU3pLVSdSQA9IW1G9C4

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2159 3 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:46:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15739
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 21:46:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2159 18 KB
7 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 15:54:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 15:54:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2159 0
0 36ms
35ms Image
text/html 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ98kW-79AmGS5N23ZQwkuqbmDVB0s_SO6oJ2FEb4ZnK9PhTy-J8U2O_zumTC19v7vCSfNxmeOjhRBOX_ADMgWebhpNjw
Requested by: Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2159 154 KB
47 KB 135ms
74ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 02:08:47 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3AD9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIxi5pYe3OXSCjeNcwFhETw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIxi5pYe3OXSCjeNcwFhETw&google_cver=1&C=1

43 B
766 B

21ms
20ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIxi5pYe3OXSCjeNcwFhETw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGMGtoNcBMAE&v=APEucNUj540bCJZBF-4Fu1eTQgBp-ntIyjsHHQau0yXs9SieR6ShGlGKknVK9sxVH-X3e000w_ZBhI_R_dw0mluiiwqn0SlFTpfZH1LSyyG1pZN9Moo4l3iD6YAwqA-XClkn4DG6jl8UJnhaPwBT6_MKe60ldNMzBhgra7oZLkPoaQ22t5bn55c
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Nov 2022 02:08:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 15 Nov 2022 02:08:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEIxi5pYe3OXSCjeNcwFhETw&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3AD9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3L0r45eGsjahThPggUPhgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIxi5pYe3OXSCjeNcwFhETw&google_cver=1

43 B
894 B

26ms
26ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIxi5pYe3OXSCjeNcwFhETw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGMGtoNcBMAE&v=APEucNUj540bCJZBF-4Fu1eTQgBp-ntIyjsHHQau0yXs9SieR6ShGlGKknVK9sxVH-X3e000w_ZBhI_R_dw0mluiiwqn0SlFTpfZH1LSyyG1pZN9Moo4l3iD6YAwqA-XClkn4DG6jl8UJnhaPwBT6_MKe60ldNMzBhgra7oZLkPoaQ22t5bn55c
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Nov 2022 02:08:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIxi5pYe3OXSCjeNcwFhETw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 3AD9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELYlik0Hd3pWd_Zq4nzYuDY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELYlik0Hd3pWd_Zq4nzYuDY%26google_cver%3D1

43 B
1 KB

21ms
20ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELYlik0Hd3pWd_Zq4nzYuDY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL5zcYCEOmXj-cCGMGtoNcBMAE&v=APEucNUj540bCJZBF-4Fu1eTQgBp-ntIyjsHHQau0yXs9SieR6ShGlGKknVK9sxVH-X3e000w_ZBhI_R_dw0mluiiwqn0SlFTpfZH1LSyyG1pZN9Moo4l3iD6YAwqA-XClkn4DG6jl8UJnhaPwBT6_MKe60ldNMzBhgra7oZLkPoaQ22t5bn55c

Protocol

HTTP/1.1

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Nov 2022 02:08:47 GMT
AN-X-Request-Uuid: 2e3a402e-12cb-45ec-a45c-eb2e8d487dc8
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.25; 217.114.218.25; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Nov 2022 02:08:47 GMT
AN-X-Request-Uuid: e9513962-d376-426f-bc1c-591c5017e12f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELYlik0Hd3pWd_Zq4nzYuDY%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.25; 217.114.218.25; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3AD9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA3NDU0MjM3NjczMjkyMDYwMg%3D%3D

170 B
188 B

80ms
35ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA3NDU0MjM3NjczMjkyMDYwMg%3D%3D

Requested by

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 15 Nov 2022 02:08:47 GMT
AN-X-Request-Uuid: 07ff822e-17b7-411f-a985-87f58db2cd5c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzA3NDU0MjM3NjczMjkyMDYwMg%3D%3D
Connection: keep-alive
X-Proxy-Origin: 217.114.218.25; 217.114.218.25; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 602A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHTJICHdwN9mSvx3tKnjU9E&google_cver=1

43 B
114 B

29ms
29ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHTJICHdwN9mSvx3tKnjU9E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGIetotcBMAE&v=APEucNW05ub5gl0_hLyBRg0qiMfRlZwpHjBySv7sUg3rq-0RERDwPeaTBrRLfxImmRfI9vwqeDr9WbB0wAMwGHIN86nhW1p_OcfOUlStGvHfJaxCamz9kt0RzRtjxi-sTyCTkChMHmwJKULP9ndxqfONEZ1ubGjWNS0l4ToAjPMJaHGBWbd1olI
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHTJICHdwN9mSvx3tKnjU9E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 602A 43 B
304 B 118ms
31ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGIetotcBMAE&v=APEucNW05ub5gl0_hLyBRg0qiMfRlZwpHjBySv7sUg3rq-0RERDwPeaTBrRLfxImmRfI9vwqeDr9WbB0wAMwGHIN86nhW1p_OcfOUlStGvHfJaxCamz9kt0RzRtjxi-sTyCTkChMHmwJKULP9ndxqfONEZ1ubGjWNS0l4ToAjPMJaHGBWbd1olI
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 602A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEHg_51VaIBCHy4-mrpDEPBI&google_cver=1

23 B
172 B

122ms
48ms

Image
image/gif

23.11.239.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEHg_51VaIBCHy4-mrpDEPBI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGIetotcBMAE&v=APEucNW05ub5gl0_hLyBRg0qiMfRlZwpHjBySv7sUg3rq-0RERDwPeaTBrRLfxImmRfI9vwqeDr9WbB0wAMwGHIN86nhW1p_OcfOUlStGvHfJaxCamz9kt0RzRtjxi-sTyCTkChMHmwJKULP9ndxqfONEZ1ubGjWNS0l4ToAjPMJaHGBWbd1olI
Protocol: H2
Server: 23.11.239.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-239-181.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Tue, 15 Nov 2022 02:08:47 GMT
pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEHg_51VaIBCHy4-mrpDEPBI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 602A 23 B
172 B 185ms
49ms Image
image/gif 23.11.239.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGIetotcBMAE&v=APEucNW05ub5gl0_hLyBRg0qiMfRlZwpHjBySv7sUg3rq-0RERDwPeaTBrRLfxImmRfI9vwqeDr9WbB0wAMwGHIN86nhW1p_OcfOUlStGvHfJaxCamz9kt0RzRtjxi-sTyCTkChMHmwJKULP9ndxqfONEZ1ubGjWNS0l4ToAjPMJaHGBWbd1olI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.11.239.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-11-239-181.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Tue, 15 Nov 2022 02:08:47 GMT
pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A31F 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dgl_Ny8RV7v3RN3kR-9BKgVZgUMXYwZhkIQ4VjGbzuXeBr9xG9e3Gdxvl8muxaS-pSV-uo7CjOXtDjpvtH8ycDr2sXF90ChNeGlm9PiHy0QpH7LIjTZdzcnnJXl1T0rJFvofXo58OdF1YQiBQlld5KT2TTpsyv4lBVkdKHmQqLkKScYB0&cry=1&dbm_d=AKAmf-CVxRfG8-ZS2hfeQW1HXfNUCLfDYdC0eFgPuQ-bKoPHN315hihsSWxRKuK1U5OxZfkpd1oLWKrJU56re4sGlEvVJeRKynuRaKuvMGPQnhWOGDXdsvv6hCZnj_qcsSx_-wk_iBgwm3ff4qzoelIflCbHW5rqGVlHUVJpQxp71QjOYQVV_44zuHxUo3LItkCMYiBv_fOsi5ToESoF3WuJ3ct38ujQA-q6oXGrSFt9VVzqSOT4VNJYm9Gq3n15f-_ocimDg4CyL7hjyrz2u_K9ydOnZuMgwqfNge5fbJLvEWrCurlf3g4zwN1OoQOs4I_pnp04qOAGJXFJP-s5DHxVjv0-mrA9DcrJL4dZxzZFgu-G8F8i3tTavceayYsQ7qx8cdMItCM37hGEXHykBHHvkyFyeCxXvIpnJPcPQKp-pzju6dA_zfs5Gl5CLQsJkL9hpDPIEsDDs2W4xiiA16QhkkRH9GvMEzB5DuiuaQGo6pamvfYBYZhtNmciGqrMwE8-93kvpsB8cLBSSD96numzk2-w_xlUgVl80op85Rt5ycxRzBUG8DSjYsiIty79TvRGx2oTwyv8LWx8bUKXAkW5o0gCovRVEg77Hfr3TEBaubXDdiiLAqxRJP4X8C_iKl9z-WkgD4ihG5Oe7p7FSNdkxSNvctc3Hr-M-bxZhjnUORfQ4JrrDDVu4nrLmQry7MAM_IaFDJFbJYop4CJfVEkPIK7YlZWu8YqtDEIikpIY8wKN0PfRXgNIpusz2JsqUk9DC5FvUqGsHGXVjyLCRGU4NNV4SQ-fWU5sdrtCgdKz6PBCgyIzFq-OYIK86q3TmWYt50YcA7GtRrNH4aGNqMsYwU1sycPNCRKo5PedlBpoEKYjHWQ60t26tPjch3q_oJXe45F91WZI0rsinPgiJOR94XN0Kq0T22wmQg3MTHLxcaCuZ-iEj0khzQEQeJUAuYZjsMEXjUt2S1OWwY3RqDOQmGMxWbODUcAWepb01gfLjrAG-XWTRaEKdYsu6-BE_ooSedpfR29iGyBX91dOAOaEdGgHXxwCfLMsa8Ng_q8ohN6n7po9xydsZMoeI5iko6OPpRK3GDXTuql5wcZLNzn4MTeiICigZHl_qeYvJSRGqs9cqJxNR_4ZgocI30HJdXQ0k0lHKrRwUD_WlRTAPaH8d5EqaB2v6fAfJ4F1VFccTwUWLQB7Wfix7DQYYk6Ia0litytQIH08aGSgb_0OvTyD4OVUFafbiRlFIZKcy3zXlsaXNoWWylAW3mAm8fEC7lfGjQ-cG05ZQvF5m-jnJv6a0KUwZrUeu4kxZ-Oo3CGU2q1vPw3Xd68TeGdQLzSMQYegvCFGEk9yDt217H1gr4d3yJ0Cy8nfW3sR5wJ2osiNtng_CQD507nlu3HrryAX1K2qBrOXVU2OfZ4J0a7reLaSUs7L175gI2Hu9QrZHZH0j9hRYVaieRLGJ-XsNaw5VnKG6O04kCpHiMQ6K87g9vJb9xqJejZMXSSkDhNncqNZRkNJqlHfU_j3vrbzXF244147BM4cTM_hbwYOih_MMk97SRjzxzgHOP2aJ5YerrNdBQ_Ufhp1gROS1x1LQ7_AXqyJoBwofg-x0MUd88rFgRd3aL1FWIyTdwUrwWWl4k3iReLse4n9Ms3dMIegVhSgO6RamHdCtbyGvjebiAVyFfPRIoFNKDc-dMXIj6WeitM8DKSsp312q7M1iY-q93cp84nS2fOeGXEmpRJLPJh8NTqe2JgGvhgQoTKMYUQGAdPVkuEA712Xa1izW2O03zeHesRLlO-qg1Ri_KPsCzhlWnV9WdqFNVn9PkyIt8KAw868Ky7irGqBu5N4yS0hJjfMP7z-RzZsWQuCa6Xs-diUbpwzvIQQ4Ttt-fzPONihUllH0TqchnLdmJCA23aYxQBZnalfjU0sKRuSro5MDgbSY3bCcftW2EEAch2eNWHhPpfgTQ6hyNkXort9HO3fiy9TCMxM-9vz6xyNipFGCTorq89aGw6aUtiNS7R2-8SoLCU7O1H4-G2iRoSXdqY969-kxTq3ayPgP4mbLdCuvulIWY5wZ39TPyI9FSrzBTmUv0OumW6-wrPvbhJn6hl05DdL_C44a6a_1kxj2i0k-q1mkl00bLrfOq7gvcCGJ4wrTtQmvGf_7QFmj_FSW_S2oWJmtFiYDLT_zb2dygWNOOIaIgw__B83Y04-GLNxkFnFGDxhE0t82ZUPIuF-_vyVtj1FdRFfGXIjtmyicU2ixrLAeOhum_5bbDQeYpwMdBCAR6HCUsylNKyKhNQUCFO-TLNUZaZC0cfZ8uRhyb0SLegNbRV8axL8bNHu9eKwxj_6-n2_I7_M5ZE5t48j9pjjP_OAtDh8CVWMdSt26fogWx6LgrQm6hmlpwWJ5RUEzqN5LFhJoWHw92K57ByvweWxcfVV0B9f8e85gXUPWjLngfHjz1-UsKdr6O5blib4P-VESvJ8Q-5MsW75J_glk5J6ZaTEBUfyojN-ytlv7d0XEG7fXI4Bwi2VLDvxOCi_Nb05MF2zjJ51b4xlnjoI4zDkrxcuzUpOrtBckocfo3euiKDFEwbB6l96N-u-z-3Cgr08-QnkCrQgRBDQYDWDLNHJmzIQohWlqAN_gAwBw6bX1_e3e9AfMkjBbY8csnhvhCycskZaB7blm695p51SnNwYz5mSH2T8Mx1TlScOw8-JL4ZsYhIcHzOQSYU2X_vLR2BI1SlmAYYz0JjRzC4ABzuxjw-rtU-uZXDIvwKstzkNUsZNrXx2Bj7KFsm1P_1xsPwG2A32Xud1ybhAPtke_yuUZr1P5NzB-2f9L-pJIavEMH-dEc-8K-aqQnuLHgz86jPAGZkVmtSIjy-KIrlUzEmaAFMg0O4rMd0HoFd3&cid=CAQSOwDq26N9t4I7kr1JSgCzkSihG-cxUbsy4kaA1lxDwTwMlIOfXf7nwAregHgSfEEP6VMMU8jrlsqBDp_YGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.dtto.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 21:12:01 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F5FA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

32ms
29ms

Image
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol: H3
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Redirect headers

date: Tue, 15 Nov 2022 02:08:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2159 106 KB
38 KB 89ms
21ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
Origin: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Nov 2022 12:10:46 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 2159 8 KB
3 KB 25ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C1MZJoUa8eJkIcIqnsSr_nU3fERwIKMkoplOJA59lUHw3BTyF9RryJMawlgUng1zfE1wN16-f9GfloGwW_YHye5q0IIA&cry=1&dbm_d=AKAmf-Aj5p-rD-0IZJbbOzSC3As_zcQuqJVu6f1Ehsgos93usViNCYq8xWn72y5VwHSLpil8lezy6yXurjowr_mRXYSwdGO_RVEUxa_y8ZaSHoCDg_jUTMimWPbc4yfs4CH1KseUcorJs-jdcwniBh4r-zDqbQQMDykCJkkHG5pM0-ra3ydiFpuBP0B2LzHJCAOzWSZqnb_-r7-zVJHED_Kv2AFp-Z_Z-7rb-YQGh8RDSN9-LaF2yjdqKRZgKOs5QbqQ3NIRjiMgARNcGXi0UBpaBJLH4uwd_Sw8z3_11oUCVCVhMlJFls207rY7m0x-2u84Ce71mjRg7ERlLx-VmXH8Jdz_eU53pK8Xi5Hor2-6qdB3hL1ceNOOd3YTEtkq16mU_PqRAJMmjbAtzVRv7lslKCfIcjw2Fu_5VmJKTzeRYEcuUPzNx4ZxwiiDhqIXSxWhIDtCc5dtgcTCPqS29OJLsgGqDjB0aoWip7QnssQ9d8BUz5j96scNxIDhRkBiYvMLIrk1M6Cg4YdtUm-PeCfk52LsKHVQ4xeJn5HWWNNBalIroUct92kD4IIftLoZ-N5lkAyXHyVdA3ShI6f4OPLpNavhM35u_66WSXbpToKXeHUqW4tPuEGk7hYA-39MYfJE7hMKWrl33_lykY_rHZCqPYufry4qOJBYlH_oNXZmtdesSoNk8iz3s-EO-1q6PObdBcgFZF5YurrN5tuDzNzcOeCPzgRDNSYwDlvwB4OHOontxZdJ0YkNAJACOPEDGGShG0kREq-sJYBptmYxWFPyIKRpSQTGBAa_bWrJlydNByeZRNaobSb8rCu3UqLW3rY6M8XTUUIoQ4cgr9Up9r81uIrwvTBzVwLC7O69NDMRR5YiOrfdlRS4HCJ2H0Z-idN99n8CwNBqzj_PBEhg0_ewd3EJTLzffQRPuTLy9E6aJNGuQ0YBQoCJG1dl5KUthtp3xX-NNiaFWJGWH7WCzGNLAYFsyyQorWwch-sCedl9seijUlZD-P6tHd9EiJ3D6dqHRrkloDPYewEQUNKoRUbCzQ8JNYsvA9Wch0NQoWuQvWXLfqVH9GNers_Ypy-rxekqfI6QSOizlyYIG2N6Wh39GLtYjBWtbhubGkmEOQvycdljHbv-naGAP-4tAVst6R8xmHXkTM5L_0I7qxZqNxH4bAmakC9R6CnSkOHs2c8vll6VzV7Er5SIbmeEtDdSlw9J_U0rfkGxabEI5oZ2zrwrL25NlSfaizI3CR070I4lA8bNPfK7zcUvdjkC-T9Yjx07zUNd9CutVjwqJTiUoipQPOLSiRwqbYptXuh0ohYqis-CZvcc-_HVJdE5TnEweJh-yp14f-rOMm_yO0IqOG6va7OnQJSnTN4HvW3lRuTKvpgXHnCU5jnhb5O93v0oyl5dVBCT7HpTHpkkOHi1c2A3msg_KgqShvGWAocpjFf001cPzkloooCfsM7fcv9Sq7zUC4vUrizkUActcWsUaVrOeLjMVenp2FefwpebhDGIVRkgVxHc4jrkOe9vavENfNSkMejxcyCyzZtSPOZiFvUkTC4xLu14ezYCkIyoxnvwxP2JLFKeh_1HczSYd5uYtQCugfLOf9mSQ_KuW-g4yczuMs8_u2vcVcqYR_AuLKgNqPd9iAoJHGgEGQMY3XdoXHm02TcVHbYNITSFr1OHQIKx_1kHt8341QFhaGQ_rzcoexYNlMXuVIVOJzfSIwKnSKXbRTKfDOQ89PrLjTbjv5ANQTi4xbkR-pm31sSYlmVc_b_Z-ImsoTOVjMKRaA4Mx7UoStmUduOPQ8qDyOF9mripp967eSroaP6wIcgDZttLrIAnIGeRHk0dw_-fOsR44W2JL344D6rpUv-3YUWOEqIPyNlvAyPmYnGGMIAu3FFZbZIAU-zhH3RLexqE0jNc95XdmMXK2bU9jkqDLr4vB4FQm01QuQmNpoFBB-VCPsBUdmZMCi7SDho19vj9gSx2K0HOS6UBe8gPaqzahUJOnDySYfGbngjrozSQgaMuF9LsSW_dZ9fRgfzqx5UaUyCGh1D_7uGsHfPW4orZkW-Kn_TcHYTXbCa80jFEvOJZ6ZVohH2bLkHkKLotZASk-tTK-Q4y_FoslnQjPzcvy9PNKELfCZwgl98STzFeVaJ_n4dRryhJWeRoqhK82AbmR0HkJ63Dm3fb7nFn07ag3BsFoGpfULvIVULqKjUcpJ74AxyLZhAqmqzX9TO4HZIL5J2qo0odPXjwT5uGTf4lPoZqXiZj2boclGF2fJMhNmJ6C6rpX5LqGUF12ccSF9HSiCezaFJocYCH8QMC2p89gzMAg58zrQtoYeZHMyyzZO8w_fBrjL-RrOLRZJMNfaQK4WfKwfJ5fTc3ibysacwpbg20Jits0ZEXwpTQZWx5iY9vz2uZO1Tf8aZce7VO_J_J-Hjsf5yZzC7ShTTDPXe_VpWOM4-04VSyuscg6E6yOmRG4nr91iNQeMWnS1ojv4W3aK15AFn5AjOa7qpCXvqoHHp_xUlFN1HvBa5hB-Ch2MkEmzLBhcRlAgJivR8cnJHRA5xEAvU8ufMhtUp4_rvcbgFLKp3P9xKoJpD818bCoEpsL30AGBgmdmFUVArte2ctwS02jRUpGQ0kBgMnJNXT3nQ-H-dJxYG3IQfoBfWZUKJHGFx8pxeJYBbDeZqXyDo1tWBD4iawXCQMYSg7RAzJS5RxLU3AABabxediV8cHLky4Y2mZrMHymeIiHilHxkyh5v2Vl5gElca2n0gGAGd2vgxcIjngmTC0ykGxmjvvuKG2FkEiEhVC_1V5vus9kr3bxDqeHGSfjXwJLpn2g3U1UC_xyjCyYw0T-hvlo75sLLvgVuIYZH22x0LGT5Bzo58SL8M5NC974T5pCIY253jrNOJGE-VorlXgx0fJfik6o8I6IP0U3w7ZXHDZLUKcFulrGPIB8o1zsqUwk0qwoBVWAwcRrWg64He2CBUm7W1muT0FYy0hbBQ9-OIjthGr3gcUaGu2YyLkuuMH1EyjpkyINduUQ4aabyGuetXqm4E49qFkkbfJOAunHatl1mzpIMN7w-HwrIljSJwXvJpW8BUB1dUovdWDeK7_qXUBX25foHlzdDFkqN2qgbkjPDcCn1bumQNe4hygAHOmd3RYBXTMAbFQNSJU1MsFUf-TfatCqR7odjGtBJ0KyYGgmF1U6ibXkQdCUJCJRBHOCDcRPZuB8WnK1ElnNKJPa23gYi4_d5_lGGz5SoEvqrecmHEzYaq9W_EQqM41iJQBCSReslIg4wDId0aN9ffKZHUOfkVFNpst6-O8VSaCTpfMvGdBXHKksEfGQ-9K39xcaapp2fdrClKce_6D8yiby2HRI9LwN9P-KxvsvgTf_XJP_KFX8LgpF5wHb3s0sTkVWceySVz2-KopU4M04G2ZzwiDvGjP_7t8JzoDZGCgYsA1o60&cid=CAQSOwDq26N95nv7KnC2D28t1TCxMTLJPPNx9pZFDX3d9LZI5--y82qX52dthsKEhT8K7DBXIgQlNs3FF4AUGAEgEw&rfl=1%2Chttps%253A%252F%252Fwww.dtto.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 13:43:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 13:43:52 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 2159 29 KB
11 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 13:36:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 13:36:26 GMT

GET
H3 200 12165211899370880161
tpc.googlesyndication.com/simgad/ Frame F5FA 38 KB
38 KB 23ms
21ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12165211899370880161?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkqhDuNeT1tZ9Y34BYrJu4S-GVk-Q

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0afedc954bed8cbef25bec4ca8491308683dbba69b2bcdb9d21cb4c1b6c700a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 02:57:40 GMT
x-content-type-options: nosniff
age: 429067
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39248
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:29:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Nov 2023 02:57:40 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F5FA 3 KB
3 KB 35ms
33ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 20:27:17 GMT
x-content-type-options: nosniff
server: cafe
age: 20490
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2982
x-xss-protection: 0
expires: Tue, 15 Nov 2022 20:27:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F5FA 344 B
368 B 35ms
33ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:22:22 GMT
x-content-type-options: nosniff
server: cafe
age: 56785
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 15 Nov 2022 10:22:22 GMT

GET
H/1.1 200
OK dvbs_src_internal113.js Show response
cdn.doubleverify.com/ Frame A31F 59 KB
19 KB 24ms
24ms Script
application/javascript 2a02:26f0:1700:3::5f65:1ba7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=26643634&cmp=28827339&plc=349943219&sid=5775970&aufilter1=684948642&prr=1&ppid=103&autt=1&auevent=ABAjH0iLaYXAD016282jhP4mXQcn&c1=684948642&auorder=1009024872&aucmp=18338891179&aucrtv=451417793&auxch=1&pltfrm=1&ausite=0&turl=https://www.dtto.com/f&aubndl=&dvregion=0&unit=300x600
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:3::5f65:1ba7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 15 Nov 2022 02:08:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:56:00 GMT
Server: Microsoft-IIS/10.0
ETag: "0b85bd045ecd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19448

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8E35 22 KB
8 KB 23ms
23ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 543626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 19:08:21 GMT
expires: Wed, 08 Nov 2023 19:08:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2159 41 KB
15 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 21:12:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6770 1 KB
643 B 22ms
20ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43672
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 14:00:55 GMT
etag: 48472445140208031
expires: Tue, 15 Nov 2022 14:00:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2159 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64b66ecab9e4243760888a8dadae1d5d3e5cb734ba3c4fd23eedcfa7beb99f1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame A31F 9 KB
5 KB 276ms
32ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_939220449502&jsTagObjCallback=__tagObject_callback_939220449502&num=6&ctx=26643634&cmp=28827339&plc=349943219&sid=5775970&advid=&adsrv=&unit=300x600&isdvvid=&uid=939220449502&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=107&bridua=3&dup=null&ppid=103&auevent=ABAjH0iLaYXAD016282jhP4mXQcn&aucmp=18338891179&aucrtv=451417793&auorder=1009024872&ausite=0&auxch=1&pltfrm=1&aufilter1=684948642&autt=1&c1=684948642&turl=https://www.dtto.com/f&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&aUrlD=-1&m1=13&noc=4&fcifrms=6&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D5EE%40%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D5EE%40%5D4%40%3ETar9EEADTbpTauTauf4ab33f2dh66a7_h%60b34d5feg_e56362%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D5EE%40%5D4%40%3ETau7&dvp_exetime=7.50&aubndl=&callbackName=__verify_callback_939220449502
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 4a56195022c079db57a6aba03a355b21b8553f025bdcfdfc46777b63ca5c6257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Nov 2022 02:08:47 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 11/14/2022 02:08:47

GET
H3 200 eba53b87-1de1-43c4-af84-eb9b691747b0 Show response
www.dtto.com/service/megapx/v1/images/ 2 KB
893 B 382ms
381ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/megapx/v1/images/eba53b87-1de1-43c4-af84-eb9b691747b0

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27d570f14bb17dbe1ccafeaac817f17aa6f63e8e199c8878fd181df4c0ca148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 00:31:13 GMT
server: cloudflare
traceparent: 00-863805a4e83aad459cd92fe5b321058f-651202a299e3d80d-01
content-encoding: br
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600, stale-while-revalidate=43200
server-timing: cf-q-config;dur=5.0000016926788e-06
cf-ray: 76a470e7acb59134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc-trace-id: 863805a4e83aad459cd92fe5b321058f

GET
H3 200 e45beb74-7d76-44f8-bedf-d7ab87781c57 Show response
www.dtto.com/service/megapx/v1/images/ 831 B
750 B 387ms
386ms Fetch
application/json 2606:4700:4400::6812:252c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dtto.com/service/megapx/v1/images/e45beb74-7d76-44f8-bedf-d7ab87781c57

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/_next/static/chunks/pages/_app-0208df9d10a6220f.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:4400::6812:252c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c555c1a2a15432e6dfb797e42629b493af80c7b86d0e256d9a481a939f545a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 00:31:13 GMT
server: cloudflare
traceparent: 00-bdcc777e590d87785e5d6d75e62ebdc2-240c0420e15b5c0e-01
content-encoding: br
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600, stale-while-revalidate=43200
server-timing: cf-q-config;dur=4.9999944167212e-06
cf-ray: 76a470e7acb79134-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
dc-trace-id: bdcc777e590d87785e5d6d75e62ebdc2

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/14588225530499216316/300x250/ Frame 0366 90 KB
21 KB 66ms
21ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01399baa87f00c6f67217a0401b2a7289f57df1699118dd704b70641936b911c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 368792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21119
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 19:42:15 GMT
expires: Fri, 10 Nov 2023 19:42:15 GMT
last-modified: Tue, 08 Nov 2022 13:10:55 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2159 0
0 145ms
72ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSG5T8S3-Wlc3gyFxrw87W-6LLEpyo-C_4hcXyZEviSnrmQQNN7nZeOV78-UnGYBGFWibdyrb2kWumf0qTleuisEWFANtF31xgwcv37P5WUL5h6G-YXphfaxkbxQ_Iiof4XvNTwURnnw0zaxl5ojqSHImBCZg0rLoUgc9icLoYYWBRhAbT3tAsHGJIEkHmX0C0ZV3aXkf3oQw8n8kmQ09tyMvpEln_KxnLJBT4QT12QEMrz3LWjpK7MK_UwkKsJmDvxzo_vOrsJbEg9fh6NtlFyiG1Z8RcCKs1RFYXnfdN7eWQe9eexV65LT2vVT8jOAKI-19hE-mQZ_Smi-4zBMwniyMiMjXtHsQPQJJ7ZB93IXqC-CfqravQhWEaX9igdQovVAsqRI2gosE2hbxDF8EzqgBa8KxCqHavfgWWN6PcN8yM4oJufvyo57bb77QO1ULrxTn1YHzuQcI8Ru5ldPPB9Cc8xMe5E86nYZmdA0GSiAYpwh5IVGJUKd9lIq2kTXJp-c7YAoCDhblERDA84jnPytFa73wmQXJvHoezyX-9Ui7ZC6BpMPoibSm96IdtwjTTPX5NCFnxLQz4dFRN5h7Pzmugt9z84NDUVKY0aJsyPD8bnaz9tztoNNF7pMvcMpl53N8WO4thpXCvw9tfyeJv8BweoJjDJyGN_Nj5f0RjvDftGog-CTDr3CZNH77O4K2e38CHP0cua98WNOXMz7jMV2rUkt4tbfFfwPYnfOigUE-MV-1A2SQvbgb6iEPn41e6eWYRikyDEtHqfcYP7q6SoCtJ-8WTvhFxzW37JTmmD_19tUf0J8i0qcdym8DUz8ScN1gGYUZtTIG3KP0TQG8m48LX6stO3k3xvc_FZXyueDwIvQxj3oenSeBA4fSIyz3dFJs6AN4cz7o6xUFaNkM1yE0qvgPj9uOOhGOiq_jFY2derI_spTK4o9e0P7z6X9wXK-3xkZUeczBHIllEC02NVpPIsPHwAtnk7bLuiNGGwX54LNHie0VDTOuQ_lHny2Z6TqXWNJvbcBbE9L5HWhvU3Kh_k8QTCsPTYuFY7kq-FupJVUQm7gpf3-JMbzZvsasUmZmbD0tG5o9KBw6erhuurH1261SCh0ZKy_f_6kOneZW0h9l0RpsK-UIxbOtLY6XQsdyrnPPmAk_xRqRHy_HsY6HamNl_1VXbPvxsKkb8btdoqCt0x8kWDqIDQvMuQMuqy6Q3P9ypaoL7KjLla3nDyDc_JwejVBt2zmO7UzbAoYyub1TiVVAJ9A4chj8T5Kg&sai=AMfl-YSaVyrfXka9rL-7l45ou5JOclJRoU_Y24VnRNX0JGecfQaUyGQSYTGhtft3WqjoujSIrkTnBTxJtlcui-C1K6ii-7hnzledEmYnHgGA5M1JzMKoOeRrWzkgABZqFDQ0RtMAJtr31f13PXaHiXNn60fMHPOdwXy9Qv7MusjIfvkyPQQFGPcuRHKyQhVJSDCMlZqb0KpAOYB9KKd9hlVVXCRVN5BHBXtD9Kmg1CZT9gpwiRDzfGHtJzuAxoHAToXc63_fxVtVQFc&sig=Cg0ArKJSzNjknAxlGlpREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=247&cbvp=1&cstd=239&cisv=r20221110.92735&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 15 Nov 2022 02:08:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Nov 2022 02:08:47 GMT

GET
H2 200 93656
tags.bluekai.com/site/ Frame 2159 62 B
579 B 319ms
215ms Image
image/gif 88.221.168.166
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D28842666&phint=crid%3D181956465&phint=pid%3D350291820
Requested by: Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.168.166 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-166.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 15 Nov 2022 02:08:47 GMT
content-length: 62
bk-server: edb2
content-type: image/gif

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CF30 22 KB
8 KB 26ms
23ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 543626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 19:08:21 GMT
expires: Wed, 08 Nov 2023 19:08:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 6770 0
98 B 94ms
30ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FZWcn2mcJjcRkgSUSy68imXpg6caNUcj39F7_2A-tJmDh7NEXAejDSCeDwvzeHOvbxkxXYS8NWyGWwo5azWYLixZeWiayk&google_gid=CAESECa89ASHYnIG5_q912NB7Qs&google_cver=1
Requested by: Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6770
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZTZRtl...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZTZRtl...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMTUwMjA4NDcwMDAxODI2OTU3NzA5OQ%3D%3D&google_push=ASkJ3FZTZRtlePbtMaUc37ee1UNLsp72zDZgcks6HX_WqmLxQ4tMGEDLAl5XACl8hNH3tz...

170 B
188 B

33ms
33ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMTUwMjA4NDcwMDAxODI2OTU3NzA5OQ%3D%3D&google_push=ASkJ3FZTZRtlePbtMaUc37ee1UNLsp72zDZgcks6HX_WqmLxQ4tMGEDLAl5XACl8hNH3tzawHOfV23DUhPp7uNkO80eixY4u1sg

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMTUwMjA4NDcwMDAxODI2OTU3NzA5OQ%3D%3D&google_push=ASkJ3FZTZRtlePbtMaUc37ee1UNLsp72zDZgcks6HX_WqmLxQ4tMGEDLAl5XACl8hNH3tzawHOfV23DUhPp7uNkO80eixY4u1sg
pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 15 Nov 2022 02:08:47 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 6770 43 B
356 B 103ms
33ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENtmwckahhx7HM4_oN75S_k&google_push=ASkJ3FZpIzORbL23VfKt2cpMWngZXcTUOKNSeze-W3cNY91T6rjh8MB4sUK4h3QvwV3omp3aGIkeTgV4qec2fWAUMIHDYqvVu7g&google_cver=1
Requested by: Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6770
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nHdCCDvfQU-7ltaHBIZWvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
32ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nHdCCDvfQU-7ltaHBIZWvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYZ-o8y89RMFtyRauLKwDbbZrQqnh6O7py_FxnR0G1LGaClnDHNBpzp8z72Oru6NobKzpPA7iR-ZZWdu4uGBCWT942KFiQ

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nHdCCDvfQU-7ltaHBIZWvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYZ-o8y89RMFtyRauLKwDbbZrQqnh6O7py_FxnR0G1LGaClnDHNBpzp8z72Oru6NobKzpPA7iR-ZZWdu4uGBCWT942KFiQ
date: Tue, 15 Nov 2022 02:08:46 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6770
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIpD7apnrWdoOcdSZAJSaVw&google_cver=1&google_push=ASkJ3FY0CWzMGAEw5SlzxDbvTRjOUv-5L4hFtixrFBUugMtDhk2eUbi37Y8jsxn8Rt3bufwsL1_...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFIS1NRSzgtVC01RDhD&google_push=ASkJ3FY0CWzMGAEw5SlzxDbvTRjOUv-5L4hFtixrFBUugMtDhk2eUbi37Y8jsxn8Rt3bufwsL1_u4jdo2leBHwaAysdsYv_HSds

170 B
188 B

32ms
32ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFIS1NRSzgtVC01RDhD&google_push=ASkJ3FY0CWzMGAEw5SlzxDbvTRjOUv-5L4hFtixrFBUugMtDhk2eUbi37Y8jsxn8Rt3bufwsL1_u4jdo2leBHwaAysdsYv_HSds

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFIS1NRSzgtVC01RDhD&google_push=ASkJ3FY0CWzMGAEw5SlzxDbvTRjOUv-5L4hFtixrFBUugMtDhk2eUbi37Y8jsxn8Rt3bufwsL1_u4jdo2leBHwaAysdsYv_HSds
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6770
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFgetyBMmWlKeES_ocCShC8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFgetyBMmWlKeES_ocCShC8&google_hm=Y3L0r45eGsjahThPggUPhgAADNUAAAIB&google_nid=index&google_push=ASkJ3FaCm2pD6MCkCLeaW0qRv_nVUJn9Q12E9...

170 B
188 B

33ms
32ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFgetyBMmWlKeES_ocCShC8&google_hm=Y3L0r45eGsjahThPggUPhgAADNUAAAIB&google_nid=index&google_push=ASkJ3FaCm2pD6MCkCLeaW0qRv_nVUJn9Q12E9rfc5Uz5MyjrIfAXbJ77OgRHVpeT0EhIMrzBopU5AygrkT0oZcLXmy_aqTeuIr8

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8KpbvfBIzHcGgC5qOnHSgb%2F3rhlDp21iSiup1enZD7An5eD4%2FrrMT4R8C5JrAVf9OWzJLiGyWmh7NermmLeAAFAXWzAXb9qpX2RiyaqePVrMkNRWnkCAJAbQEdmX%2Bnny6O5nSE2ELnyFg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFgetyBMmWlKeES_ocCShC8&google_hm=Y3L0r45eGsjahThPggUPhgAADNUAAAIB&google_nid=index&google_push=ASkJ3FaCm2pD6MCkCLeaW0qRv_nVUJn9Q12E9rfc5Uz5MyjrIfAXbJ77OgRHVpeT0EhIMrzBopU5AygrkT0oZcLXmy_aqTeuIr8
cache-control: no-cache
cf-ray: 76a470e86ea9923e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 6770 43 B
297 B 377ms
37ms Image
image/gif 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEKqYmc0x16TLItF6NG-rimk&google_cver=1&google_push=ASkJ3FaiHqxFM-5RYaTOG6cIkTTv4Kjf7UMf32Z8OHl73g3sQzVdFO4Kjd-sc3L5vnUsL-WqIlLIbeVDcIMt0_tmfSZ4_Awt-hg
Requested by: Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6770 0
12 B 34ms
29ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L9VHje4Sh_3gBUx2w6X273tsUuPLyQBQfWpF8BtzwpONOFL_gaj3oqMXvhSPQPZqTUXEW4

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:47 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E35 36 KB
16 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 17:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 17:47:40 GMT

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame CF30 36 KB
16 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 17:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 17:47:40 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 0366 29 KB
10 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17155
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Nov 2022 21:22:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
54ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111001&jk=485506711188665&bg=!R0SlRADNAAbvMpMzzzI7ACkAdvg8WlwrxuXt6IuGxJW7Nozbul2mgy8Mkx_MTf-zv-SX8IqKNpuRpAIAAAEXUgAAAAJoAQeZApePu5a2MsOgMf9Mh7_94OXd_mU8kwsIctyq9FFIKynaYa_QuMH3ZWhEFVMVpXwgeCfB6THRjrOvVXJGgGgSDxOUqrvLzDMKZpB9Ebki2kAabkja8MHBmOHYEXFD12h_U4v5WxoByJfQ2KUkE84pFc7d93JJc8TCOmuQQIxEBMZL5nyBdGOHfslf0kzNeRMSe4Iczq6Zr0AzB1LOfpcpRb-Xv9LkLrtKzdclZ2JbFm7Qz2e1Tn_QRVoHeP78Q2ovWLryfIKTJ9OFY1SxE6O8DB_o17U6RVsDWJYWCVSs9_9PV2nkv01fHl7fDvaBJN3QfRltGIucxFmSqMnoKLDSP0pFAOGg6Q_n0GAqwIB9E0yHVt00tmJOqervh_2_zVLUwiScc0xanYPJA7HlmRjfq3NCLd8p7Joz2bxolfM9hcHy6zafqVCTJkkO3vnI9fEhAC32mZP76Yae4e6qLocMsBNsfBljWakWRxc597l-51JZnNA8v0Zqh5bUj_VTRKcA7tn7GP-RgSyV8RaThKtHnmptIpM77QV-Bg1HgxoomHOio4QU9VcWksP5GDmZtraf7A_mUHLbHLli6pb4_QfRi-YUScIeuaZhdJLhGfH3GllM3K50dsH2tk9YRYcV3APPJRb0xZwbBpAnPDcwpLWNRhS4rZ5r20NcS8zX8unQ3nNyMnZQF03Bt0Lwc2Gr6BN_xSO5G-7i3jtOp3E0v-W1Gyp_CconJIjYJEMptGYXhZclGmkEo47GeN6_fb6UMfkRyWo_PB4YPBu2DS8GlBT3KR0CM3qz7OqcFByCHNAchzXmosCD-0hcU0oG2EU1hzuXDjaO7CfBASAa8RrXesdvaFJuB7Znbptq_0ROkA604w2Q4dXH1RslDT8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame A31F 0
229 B 70ms
23ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=a682cd9f1aec4de7a5cb80cd8eb72aab&dvp_ac_version=0810&dvp_acibv=&bsigr=19860153565696&cbust=1668478127648785
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 15 Nov 2022 02:08:47 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 11/14/2022 02:08:47

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame A31F 28 KB
11 KB 66ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 01:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3027
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10900
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 17:19:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 15 Nov 2022 02:18:20 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2159 0
0 110ms
61ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstSG5T8S3-Wlc3gyFxrw87W-6LLEpyo-C_4hcXyZEviSnrmQQNN7nZeOV78-UnGYBGFWibdyrb2kWumf0qTleuisEWFANtF31xgwcv37P5WUL5h6G-YXphfaxkbxQ_Iiof4XvNTwURnnw0zaxl5ojqSHImBCZg0rLoUgc9icLoYYWBRhAbT3tAsHGJIEkHmX0C0ZV3aXkf3oQw8n8kmQ09tyMvpEln_KxnLJBT4QT12QEMrz3LWjpK7MK_UwkKsJmDvxzo_vOrsJbEg9fh6NtlFyiG1Z8RcCKs1RFYXnfdN7eWQe9eexV65LT2vVT8jOAKI-19hE-mQZ_Smi-4zBMwniyMiMjXtHsQPQJJ7ZB93IXqC-CfqravQhWEaX9igdQovVAsqRI2gosE2hbxDF8EzqgBa8KxCqHavfgWWN6PcN8yM4oJufvyo57bb77QO1ULrxTn1YHzuQcI8Ru5ldPPB9Cc8xMe5E86nYZmdA0GSiAYpwh5IVGJUKd9lIq2kTXJp-c7YAoCDhblERDA84jnPytFa73wmQXJvHoezyX-9Ui7ZC6BpMPoibSm96IdtwjTTPX5NCFnxLQz4dFRN5h7Pzmugt9z84NDUVKY0aJsyPD8bnaz9tztoNNF7pMvcMpl53N8WO4thpXCvw9tfyeJv8BweoJjDJyGN_Nj5f0RjvDftGog-CTDr3CZNH77O4K2e38CHP0cua98WNOXMz7jMV2rUkt4tbfFfwPYnfOigUE-MV-1A2SQvbgb6iEPn41e6eWYRikyDEtHqfcYP7q6SoCtJ-8WTvhFxzW37JTmmD_19tUf0J8i0qcdym8DUz8ScN1gGYUZtTIG3KP0TQG8m48LX6stO3k3xvc_FZXyueDwIvQxj3oenSeBA4fSIyz3dFJs6AN4cz7o6xUFaNkM1yE0qvgPj9uOOhGOiq_jFY2derI_spTK4o9e0P7z6X9wXK-3xkZUeczBHIllEC02NVpPIsPHwAtnk7bLuiNGGwX54LNHie0VDTOuQ_lHny2Z6TqXWNJvbcBbE9L5HWhvU3Kh_k8QTCsPTYuFY7kq-FupJVUQm7gpf3-JMbzZvsasUmZmbD0tG5o9KBw6erhuurH1261SCh0ZKy_f_6kOneZW0h9l0RpsK-UIxbOtLY6XQsdyrnPPmAk_xRqRHy_HsY6HamNl_1VXbPvxsKkb8btdoqCt0x8kWDqIDQvMuQMuqy6Q3P9ypaoL7KjLla3nDyDc_JwejVBt2zmO7UzbAoYyub1TiVVAJ9A4chj8T5Kg&sai=AMfl-YSaVyrfXka9rL-7l45ou5JOclJRoU_Y24VnRNX0JGecfQaUyGQSYTGhtft3WqjoujSIrkTnBTxJtlcui-C1K6ii-7hnzledEmYnHgGA5M1JzMKoOeRrWzkgABZqFDQ0RtMAJtr31f13PXaHiXNn60fMHPOdwXy9Qv7MusjIfvkyPQQFGPcuRHKyQhVJSDCMlZqb0KpAOYB9KKd9hlVVXCRVN5BHBXtD9Kmg1CZT9gpwiRDzfGHtJzuAxoHAToXc63_fxVtVQFc&sig=Cg0ArKJSzNjknAxlGlpREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=615&vt=11&dtpt=368&dett=3&cstd=239&cisv=r20221110.92735&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.dtto.com
URL: https://www.dtto.com/f

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Nov 2022 02:08:47 GMT

GET
H3 200 1280.webp
megapx-assets.dcard.tw/images/eba53b87-1de1-43c4-af84-eb9b691747b0/ 58 KB
58 KB 984ms
984ms Image
image/webp 34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/eba53b87-1de1-43c4-af84-eb9b691747b0/1280.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6222fe0cd7d0f51ff664c0aec5ac374ba7c66fb818bff01c43cf2eb651343c73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:47 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdt-4gBU9rOjSQiMgsXJy8fmYW3oUiLggFjtp5Pss_1mgSe6iKPYvq5Zg8ht0n_PmcabWJEEDtNkVzG-oWqOcRicHfjNUyoZ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59552
last-modified: Mon, 07 Nov 2022 09:51:22 GMT
server: UploadServer
etag: "6702c8a7a57e30f7570df0b492687919"
x-goog-generation: 1667814682473414
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=WHkMhg==, md5=ZwLIp6V+MPdXDfC0kmh5GQ==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 59552
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:47 GMT

GET
H3 200 h4.png
s0.2mdn.net/sadbundle/14588225530499216316/300x250/ Frame 0366 7 KB
7 KB 23ms
22ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/h4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b57c7e0fcaaed10f4d99b445db6e98dc8fa7f14636c3e57b00a4a739f6aed8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 22:42:18 GMT
x-content-type-options: nosniff
age: 185189
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7484
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:10:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 22:42:18 GMT

GET
H3 200 h3.png
s0.2mdn.net/sadbundle/14588225530499216316/300x250/ Frame 0366 4 KB
4 KB 22ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/h3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c70505c7d91d75bc067ca3b68bd8cc77a23e1cbd38533c72d531a1ed8f9a93d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:03:04 GMT
x-content-type-options: nosniff
age: 273943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3706
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:10:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Nov 2023 22:03:04 GMT

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/14588225530499216316/300x250/ Frame 0366 3 KB
3 KB 30ms
29ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/h2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24c189fd64deacf3883b5e4c6eb13166eaf4557eea1b37d4da30608beb368197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 10:07:42 GMT
x-content-type-options: nosniff
age: 489665
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2644
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:10:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 10:07:42 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/14588225530499216316/300x250/ Frame 0366 5 KB
5 KB 25ms
25ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/h1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a661c8beb99f57cd116c079606d235b5abffec848f7dce250d90932592c67fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:14:45 GMT
x-content-type-options: nosniff
age: 291242
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4735
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:10:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Nov 2023 17:14:45 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/14588225530499216316/300x250/ Frame 0366 2 KB
2 KB 28ms
28ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69fa5f6a24722a5a543077f698f3a7803b4b018d636cb31eb93ae24e992e425e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 03:19:02 GMT
x-content-type-options: nosniff
age: 254985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2117
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:10:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 03:19:02 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/14588225530499216316/300x250/ Frame 0366 34 KB
34 KB 32ms
31ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/bg.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b6373c7f640889e490f0da4f5b88a47e2187e49c3ee7e940ce98bec28ccddac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 10:07:42 GMT
x-content-type-options: nosniff
age: 489665
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35139
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:10:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 10:07:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E35 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bzs3XrvRyY4OpOdjC7_UPvZiZuAgAAAAAOAHgBAI&bg=!QUKlQgbNAAbvMpMzzzI7ACkAdvg8Wk7ezpM2IOMwz6hXwGeD5auXTXBNQ8ROWi4T5jVsTd1-3se8WAIAAAE4UgAAAANoAQcKAIgZmksWbZkXqdWHZWY2whmUbvCio97VmTdnVpzNcbuW_K-mTi0-1V10xg4LTFurvIWumRwZVgYPuwrruVcYaUzVC6kfFgI04im1yhNsIGMTTcQOH-vv-2yq680gIUz-40PELJuixCE_IfurkZ0FO1ewZ-JsfumIuCyYm02tAUl6KizXobsXkbMamQLgEUCtYSiChUTQemctAr7ZDwXlv-sPkO70L-YLBRBvgFauAP0tkc2CczkNNL2dc7Ynrutc_uMvk0cKZMbMmH-oR6mMsOniIqElQYuu8MYxZqvCQ7L8cjhVfocMgenOwLrf44mlFNC1yp_wvyMQEMn7njIdlpfsmtL4r0dkPPsgRKmbnPAE-zj97asA2l12d9pk4FgFmJKk0K1oKEYMyC-ZJ3yL1NqN77CBlhldu7HHwkc7YLIMxQfytBMWo9926c0HXveSkBCsJdYjY3oD9XqI2xY4-sDb7Qj7-hmmy09Cwqem5SJdE0QWznFx0nKOCzuR-u5LHg8PC9oNXiB_MEG6Izqg7qEdYrtl1eZAC6dmZ4V3DSf10to_AAEM6tk-Dxx16nzbZcSsJOsW98zlN6BZKIU93YrVrlqK3wCXBP-lkWNhwGTX6cDu4cFITM6BmfR1GcdE1V4n0fle7nTMkWJjrZ7hPsfEInJbX_rcHuqJfRYvX9wjHNYSmndg9AEBDESLg-C_A9EWgday5US9FcrDHB126mnhLzXYipGFxwT5mCVyq4aZHK45cii-6xHCNraiNlbNndZGLeaRK_HB85mXzh5HtGwtExJ6H9osm1THRUHvaYE_Sw5lH-se2Y-BWNLr5T0U_eotHZZRR3YxD0NVoeWXeFcgJ7vB9QVejRfNh8A8C7TaqT19bJGVhu8pWG_lXnwUo88iS8M9_YFd-w7oZxsK179yf6Yzt_VROPOU5PHOIuWW2SUqVT51baRW57LWJJQzaLqMaG1fRGMBnAwF1pk_ZwKO7V4mTIu5Euv0fp4NCrGd7QBnuurionMp1x8epvLnC2MQliHAVxRvHozn-cQlJdVXwZGVbfWRMIcrV6sHpJjTawUpAwweFn6VLfUpf7QUQ7UuwWuNL4igiwr9XTCxLjk9qh4Ktnz9k4aVDfZoIck_2QnSQJus9Ud4MvqWNrwo1DMaOBWIjnN-4iSK0A

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 full.mp4
megapx-assets.dcard.tw/images/e45beb74-7d76-44f8-bedf-d7ab87781c57/ 521 KB
521 KB 891ms
890ms Media
video/mp4 34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://megapx-assets.dcard.tw/images/e45beb74-7d76-44f8-bedf-d7ab87781c57/full.mp4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a003aad25c727636df00a5447d9a21d1fbc879d18da7309a51ff859f7f36c614

Request headers

Referer: https://www.dtto.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 15 Nov 2022 02:08:47 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdvC50R0nx2CW8X7g5LqvSKTmg_mw6XQEPKqrfHbSoxibV1sp12Jjg6MNTB1aVQeHs3wsQetBFwsDtICallFBsyN7g
x-goog-storage-class: MULTI_REGIONAL
Content-Range: bytes 0-533126/533127
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Content-Length: 533127
last-modified: Mon, 31 Oct 2022 04:10:43 GMT
server: UploadServer
etag: "d55bb383c291ee4003d9a467aa505965"
x-goog-generation: 1667189443119790
content-type: video/mp4
access-control-allow-origin: *
x-goog-hash: crc32c=XuBgDw==, md5=1Vuzg8KR7kAD2aRnqlBZZQ==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 533127
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:47 GMT

GET
H3 200 impl_v92.js Show response
www.googletagservices.com/dcm/ Frame A31F 60 KB
23 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v92.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 16:26:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23563
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:32:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 16:26:48 GMT

GET
DATA 200
OK truncated
/ Frame 0366 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/14588225530499216316/300x250/ Frame 0366 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69fa5f6a24722a5a543077f698f3a7803b4b018d636cb31eb93ae24e992e425e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 03:19:02 GMT
x-content-type-options: nosniff
age: 254985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2117
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:10:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 03:19:02 GMT

GET
H3 200 h1.png
s0.2mdn.net/sadbundle/14588225530499216316/300x250/ Frame 0366 5 KB
5 KB 22ms
21ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/h1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a661c8beb99f57cd116c079606d235b5abffec848f7dce250d90932592c67fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 17:14:45 GMT
x-content-type-options: nosniff
age: 291242
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4735
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:10:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Nov 2023 17:14:45 GMT

GET
H3 200 h2.png
s0.2mdn.net/sadbundle/14588225530499216316/300x250/ Frame 0366 3 KB
3 KB 26ms
25ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/h2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24c189fd64deacf3883b5e4c6eb13166eaf4557eea1b37d4da30608beb368197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 10:07:42 GMT
x-content-type-options: nosniff
age: 489665
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2644
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:10:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 10:07:42 GMT

GET
H3 200 h3.png
s0.2mdn.net/sadbundle/14588225530499216316/300x250/ Frame 0366 4 KB
4 KB 26ms
25ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/h3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c70505c7d91d75bc067ca3b68bd8cc77a23e1cbd38533c72d531a1ed8f9a93d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:03:04 GMT
x-content-type-options: nosniff
age: 273943
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3706
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:10:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Nov 2023 22:03:04 GMT

GET
H3 200 h4.png
s0.2mdn.net/sadbundle/14588225530499216316/300x250/ Frame 0366 7 KB
7 KB 26ms
26ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/h4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b57c7e0fcaaed10f4d99b445db6e98dc8fa7f14636c3e57b00a4a739f6aed8dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 22:42:18 GMT
x-content-type-options: nosniff
age: 185189
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7484
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:10:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 Nov 2023 22:42:18 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/14588225530499216316/300x250/ Frame 0366 34 KB
34 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/bg.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b6373c7f640889e490f0da4f5b88a47e2187e49c3ee7e940ce98bec28ccddac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/14588225530499216316/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 10:07:42 GMT
x-content-type-options: nosniff
age: 489665
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35139
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:10:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 10:07:42 GMT

GET
H2 200 B9689862.280584279;dc_ver=92.271;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=1964084963;ord=l1e0ft;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.dtto.com%2F$... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame A31F 53 KB
26 KB 130ms
69ms Script
text/javascript 172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=1964084963;ord=l1e0ft;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.dtto.com%2F$0;xdt=1;crlt=7vWUWuMerj;stc=1;chaa=1;sttr=49;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

f65c8cda6477556182933a180cbd7ddbdb8bac80bb227b99984e2e050670b55c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26183
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CF30 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bzvt3rvRyY9-XOtH77_UPrNmv6AcAAAAAOAHgBAI&bg=!i4iliMzNAAbvMpMzzzI7ACkAdvg8WuZF33oOOWeWfxkFcCYMPNaAExwQejdhefVZEhYVCND2J4f_gAIAAACoUgAAAANoAQcKACHdxzO3forYKPu7bjJJqv6uVG46qg3CDwRU22GC4th2Cy2ZAu8FzoCOMzXKIPNa4X60RrPMh3h-VbYw3KNRxuvgmr1KY9XU0f2tLhiYZY3KPS9ad6kabUNxpxR18bfN4aG1h5RoK1q1nzph13PtWTQriuc7ZKf5QbmoFY6_dvyf2JhJs9tA8CmXSlQ8uTrk9QcqIjhxkL_lncZiA37hZpFQSkkd8LORrueH7Xxop0mNaUIs3IpfrKj75bWcamSNPXKF4LjyxXWUEbodsVcmNZ5UTfe8Xo9HN83kC9o4TlpI6nEDsMhGZ3Zb1fPigK42_rtifu8rsqEmD0xIx5lJoFLTYscV7gFdIgLcLOIVdQSmdj5xBRA6IWIHJt2teIeEEYm7zBM6WOD-NwIahTmKEeyRQB0lplG8sv1_jUlWLFETMxvcn4GSryxO-kV7XLTxH-l9FSo323b1ZsDf_ffCAW2luxyd89r3E_ctwcXgS9jXwXdaeyqA7Z34DQW1byDCwMBG1LYPlfEBrWfvNvquhX2GXq_RczIz_oGolScCVUKo8C06TN1ZDwhOESuSVO1JDbDOnv8jewtKgo6FFKSQB50489dnkMX7F8scqg2gdj3UUilxGzoQJUpIvYQZgzF3toxIKcImdNfr3EvAiLkJGnwB0z2pon_o2n1fCJVAINccqVwDCzxJ_k-jMydhYHt7mFZdBCmxCr19DK-b2ydEeEywINo-tXNXLxsAfJtzKVtHZL8smssUj6aThYJz0ai8Fk9indzBM33_ba1uqqIlNRQAiZxYdmO95LZsGhxbAH1wFIZIO3hP8J8sLOS1FjmEXQ0E8RW-htQCPt9D2M9iQ8o_RUbIB70XRsn85ljKsg3tU7snYhGW-pL9_KKAheKMK5LQZM5RH3LiN9bGinI0Mt3Q1EF4RMNSBSm3HOH-PsEiev7zBG9GP7eH-oGdBybknsVLnSsNaNx5gNJewiVUakPVzINTF9pBIS5G_WgR2n_x_VEvMtpZffXwQPbgWljOyFByQnNOnIAUP8dD1gJ_DwDJMjkN

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame A31F 8 KB
3 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280584279;dc_ver=92.271;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=1964084963;ord=l1e0ft;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.dtto.com%2F$0;xdt=1;crlt=7vWUWuMerj;stc=1;chaa=1;sttr=49;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 13:43:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 13:43:52 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A31F 0
0 61ms
61ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstD_RN2uaIe--fTJVKV80xYJaDRXM-2IimgFthRYivaV0sR0Vn-CKcRQ1_xt_TZCGsI7BQ1heh3CBkz3Ab9t-RsYYVY7SKE9W50HdHyC7K0nQNr24VIAkMWV5elriTEjkM61ZlOE79_nCFGtKd3miNpn8uUvUU&sai=AMfl-YRe80h_WGK9P9vruhPQNYw4mDE4v9_1TEeLKv32Jb4uFR-JP8Q_E_JLW13jrQTDthKYuZSk3vxke-gicC1jxJT3nXHTQoqWX8FJJDg5&sig=Cg0ArKJSzGEoaUbdbZovEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.10828&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Nov 2022 02:08:47 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A31F 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17806
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 21:12:01 GMT

GET
H3 200 13749058673586137604
s0.2mdn.net/simgad/ Frame A31F 55 KB
55 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13749058673586137604

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bde2fbffac90405f2e77ee244bede51b9ccbc906bfa38b213444b2c1bf1f1a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 04:09:35 GMT
x-content-type-options: nosniff
age: 424752
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56409
x-xss-protection: 0
last-modified: Thu, 26 May 2022 20:28:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Nov 2023 04:09:35 GMT

GET
H/1.1 200
OK dv-measurements3130.js Show response
cdn.doubleverify.com/ Frame 6DD5 545 KB
105 KB 22ms
22ms Script
application/javascript 2a02:26f0:1700:3::5f65:1ba7
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3130.js
Requested by: Host: www.dtto.com
URL: https://www.dtto.com/f
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:3::5f65:1ba7 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 15 Nov 2022 02:08:48 GMT
Content-Encoding: gzip
Last-Modified: Sun, 23 Oct 2022 11:48:15 GMT
Server: Microsoft-IIS/10.0
ETag: "80e9d655d5e6d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106973

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 24C6 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 14:00:55 GMT
etag: 48472445140208031
expires: Tue, 15 Nov 2022 14:00:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A31F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfd1897da4eb799d84174b51b83717be0cf01a57fe49e70d04f569ca709fe026

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A31F 0
0 60ms
59ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstD_RN2uaIe--fTJVKV80xYJaDRXM-2IimgFthRYivaV0sR0Vn-CKcRQ1_xt_TZCGsI7BQ1heh3CBkz3Ab9t-RsYYVY7SKE9W50HdHyC7K0nQNr24VIAkMWV5elriTEjkM61ZlOE79_nCFGtKd3miNpn8uUvUU&sai=AMfl-YRe80h_WGK9P9vruhPQNYw4mDE4v9_1TEeLKv32Jb4uFR-JP8Q_E_JLW13jrQTDthKYuZSk3vxke-gicC1jxJT3nXHTQoqWX8FJJDg5&sig=Cg0ArKJSzGEoaUbdbZovEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=89&vt=11&dtpt=88&dett=2&cstd=0&cisv=r20221110.10828&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Nov 2022 02:08:48 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame ED41 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 543627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 19:08:21 GMT
expires: Wed, 08 Nov 2023 19:08:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 24C6 35 B
464 B 82ms
21ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP9jhSnct7LI8xuQ2s01TE4&google_cver=1&google_push=ASkJ3FZXhD8C1y_Ub2NghfFk5npShZUAryra9wDoZB6ThdKrneUPvJj19Sv8LMHQATuQux5SbLC_BYXmRs1b6fOeIBtFkIJBsDoZ

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 sync
odr.mookie1.com/t/v2/ Frame 24C6 43 B
61 B 54ms
30ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEDUM8Cx2W9vcm_oXC9JQAE8&google_push=ASkJ3FbJLonoeTw9rASTWc4_3tu5rltnK_5Sf7JX_wWE7JKO8z1PrXol620rGzqS-FRc9A9tPUBga8MTTyrUfnzvGQ_ma8eg99XU&google_cver=1
Requested by: Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 24C6 43 B
352 B 139ms
34ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF-pkpMQU7SXIhqfS0P3XzQ&google_cver=1&google_push=ASkJ3FYhGe5BLg4yxheJYUVOmeCeIpbi_sqIxcy7N9fpO6DZ5gj38YsZY3PURfuu2GEqUmkgn1qLwOkTAfxNXWSqCzeMSo6-9ZM
Requested by: Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:47 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: debqdud48uhrkkv1p90g9h9kk1hldcvj

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 24C6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nHdCCDvfQU-7ltaHBIZWvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
32ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nHdCCDvfQU-7ltaHBIZWvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaXji6dtHIrSYlc6XaWvQFDbnBUAO2srTovcEGdOdTeoWIrnTK1iVHIq3A2TK67ovb14AZOUvTsTOP-Q48EkQz4wjnjeR8d

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nHdCCDvfQU-7ltaHBIZWvw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FaXji6dtHIrSYlc6XaWvQFDbnBUAO2srTovcEGdOdTeoWIrnTK1iVHIq3A2TK67ovb14AZOUvTsTOP-Q48EkQz4wjnjeR8d
date: Tue, 15 Nov 2022 02:08:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 24C6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENqIHHmhMngw44mmChk2lg0&google_cver=1&google_push=ASkJ3FYLCoJlEbGQU-6koyMcpC1sE8UhBGjeHU3zpxBgss7Wn4mrITuVn2lUFwv4CHlpVwwc9Ks...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFIS1NSMFAtUy1LN0Y1&google_push=ASkJ3FYLCoJlEbGQU-6koyMcpC1sE8UhBGjeHU3zpxBgss7Wn4mrITuVn2lUFwv4CHlpVwwc9KsmL_4j3LftWFxzAykcHDZ39lKh

170 B
188 B

32ms
32ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFIS1NSMFAtUy1LN0Y1&google_push=ASkJ3FYLCoJlEbGQU-6koyMcpC1sE8UhBGjeHU3zpxBgss7Wn4mrITuVn2lUFwv4CHlpVwwc9KsmL_4j3LftWFxzAykcHDZ39lKh

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFIS1NSMFAtUy1LN0Y1&google_push=ASkJ3FYLCoJlEbGQU-6koyMcpC1sE8UhBGjeHU3zpxBgss7Wn4mrITuVn2lUFwv4CHlpVwwc9KsmL_4j3LftWFxzAykcHDZ39lKh
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 24C6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHAvW-44PMpF7fvhX6YhcDc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHAvW-44PMpF7fvhX6YhcDc&google_hm=Y3L0r45eGsjahThPggUPhgAADNUAAAIB&google_nid=index&google_push=ASkJ3FaJUODZwua4_fgXifavATGBgWgaMwbal...

170 B
188 B

32ms
32ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHAvW-44PMpF7fvhX6YhcDc&google_hm=Y3L0r45eGsjahThPggUPhgAADNUAAAIB&google_nid=index&google_push=ASkJ3FaJUODZwua4_fgXifavATGBgWgaMwbal8v91eDWscthmxUr18_tWNS0m1SclHUAUsvY_C86yDYa0I7gm5aXvb56H7Jk03vg

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VonuqoWVjjPsz9ADB%2F0S3UoMAX2vRRxYEuScsDko0Ls1QYwmAgAGurs1IJ%2FS5zYGPY8VRIVrWcC7%2F%2B7fs8b5jTlcRq7rVHUE2Oishjj7AG1W0km7m0rlhM5FxvS0fK3YZyNfL6ySBQIPvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHAvW-44PMpF7fvhX6YhcDc&google_hm=Y3L0r45eGsjahThPggUPhgAADNUAAAIB&google_nid=index&google_push=ASkJ3FaJUODZwua4_fgXifavATGBgWgaMwbal8v91eDWscthmxUr18_tWNS0m1SclHUAUsvY_C86yDYa0I7gm5aXvb56H7Jk03vg
cache-control: no-cache
cf-ray: 76a470ec98ac9036-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 24C6 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 24C6 0
12 B 31ms
30ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K5op8B2GD7QBzxQU--06u3CN5MQuFwyg867Qv7XFoPd26TyceYnHBUCb1Xhd0CSP7wnHb4BA

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 6DD5 9 KB
4 KB 547ms
131ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=71&ttfrms=34&brid=3&brver=107.0.5304.110&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D5EE%40%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D5EE%40%5D4%40%3ETar9EEADTbpTauTauf4ab33f2dh66a7_h%60b34d5feg_e56362%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauHHH%5D5EE%40%5D4%40%3ETau7&srcurlD=0&aUrlD=-1&ssl=https:&uid=1668478128098102&jsCallback=dvCallback_1668478128098520&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3130&tgjsver=3130&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=5&brh=2&sdf=2&dvp_epl=261&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://www.dtto.com/f&c1=684948642&prr=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0iLaYXAD016282jhP4mXQcn&aucmp=18338891179&aucrtv=451417793&auorder=1009024872&ausite=0&auxch=1&pltfrm=1&aufilter1=684948642&autt=1&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=123697347077.40042&dvp_tukv=160316840.37442076&dvp_uuid=11046031.841401653&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1266363938426
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: c87a841b9a5f1c5b612c2e74b8340e09935799fe3b7806791a670374b4cfab5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Nov 2022 02:08:48 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 11/14/2022 02:08:48

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame ED41 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 18:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 18:52:56 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F5FA 42 B
64 B 66ms
65ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqYfwCbvtSNOioFpykA1M-DvM6Wz1R0erRc7yJL7XoOk8cBAWjT0BADSgrfqY_TDuOCTQnCubgdwBUA0F3Co-mM797E3RZEwowPmLFUtAjtH8L7zCCyJXI1Lgoneh8H_XrjULP77ABmX-BbrjgTFTQH_kBxtEImVsJnA&sai=AMfl-YS3vUJXOhBq6a91DZKUYSWJSuqasdQeQd7zLdGy4fnUagp6fxSMkNh4TU6S-sg2OKRcnoavZFlmbQ4VfB_8eIHcp141ZIrYpKPdVXc-gQDEFTZIqPw7dXBnSxZf1g&sig=Cg0ArKJSzBydtfPgFvCVEAE&cid=CAQSOwDq26N9VcGSk8ENpl5eoNqzsml4f6WHy8mNrRZ28MRTkkZsQo4echhCNoTf_um-oeixvtaRi7cqlesIGAEgEw&id=ampim&o=1120,328&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1008&mtos=0,0,1008,1008,1008&tos=0,0,1008,0,0&tfs=462&tls=1470&g=100&h=100&tt=1470&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2159 42 B
64 B 108ms
62ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstePk3HpSuNLojHzMGck-X3gOTOoD8ek-NxzSW-JWglIzktmxR5qp4rgHZsUAQxUx_5RRTH-eQkBPaGOMtBdyw26bGxbQy4STsHxd9iBC7rhUwBIv0futOB1thBrqUx0XLPiNKAnQ&sai=AMfl-YSj3ShWGgd3gpoOy6J8jqgaGX_s8VxQPjMqi8wlkiMTgzk0HPrTHbAA5bL-WXhR55511I4CVkC06rlCk8qoGO9pU_n_B1hg-HnjsFSU0iK6s_T8qG2HEXxqMAMCAw&sig=Cg0ArKJSzO4JMSFsR4RTEAE&cid=CAQSOwDq26N95nv7KnC2D28t1TCxMTLJPPNx9pZFDX3d9LZI5--y82qX52dthsKEhT8K7DBXIgQlNs3FF4AUGAEgEw&id=lidar2&mcvt=1001&p=68,1120,318,1420&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4226079873&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668478126776&rpt=421&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED41 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BoIx5r_RyY6_YNd64x_APs-WHyAsAAAAAOAHgBAI&bg=!w8ClwITNAAbvMpMzzzI7ACkAdvg8Wqs5ywCxgAO5JWTy_UWhVDohHr6Ko-Q_Irrfv12FM5i2epKuwgIAAABgUgAAAANoAQcKAGdWEoVBkP4-dfU27IMDWZkcO-ltcAHOY-c_hP4bdrL8_YyLMC1j_TRY9Llj8zt6f24CtMEHvQ5tawkUpaCeBHGAvlnPr2zgFXn-9wdB25MP2FvTW2g21Yr-jqx4WAZWUA34MVpnIL-amQLtf7RVmXG15cY7mpfK0LU_4adA7l-k66_96F7FWqTwvcHjFUhRlEBGMHFPsguBTmUwK9l_jRZk6C9q6i21Bv0S_c3v9116t519nP7ZmhYhbOs4Rcr4ud5KmczI7gc07epq6GtKmVM8hgp20vbp9pL6qLjESkkHHItaem6_yTy8tAJFiRuqqiYqQi0synZKiYPFPr0fD5tTp5jePccER39Cu_0qNDeIuiwyQmyJTWAB_7R2R8xJAakXGeqQcmdwJ5lrCPqyCXias29jcJ6gwPz0eHv-WxJfPnwHFRnrWN2aVFkOYNNldWQOV8Wf65SW2LkEYdJUt-bmPdQEy88wqyBkh3N_5w-T21eeJgCvfxHkulBZ16sUYXFn29zV1QBMLEQRMLhsu5HSlr1Waz9Gf3x2mqnNM4ufFOY5r4JLu_0k1CfC2WBn04wYXBO4M3R3mhlGEhMAqflFK2wLsJ1PEdsoDtPcSNgAzQaT64l3d8U34ZfqD0SZFIAe77t9YZ3ht_Bq1Xt1NL-Jx7OCnWB-4ZLolZUpUFNVjEV5O_Nczh6VPBiuqHJrBy7PhyghuTFuVnoIu3uR0QuSkD06sQGnU1SqkLhvSL6yVWLI0mmzCFs9kLOt6mK_ke5TTMmM6lr7wbqkIelqndyzZVr1iqnHNkZJ0slDPLriKO4E041vleL5lGYrC6CyTXVC7pksjXcvgvDqj6iZV06TqFEjqH9o6-8q46yrtPAOP-im1ZJdJxemGhZxqxoMU3gK3jT_9Z0-TKDFd6QIzTaRJnC9pOUUG30bIeNLUsm3Fd64UHZlnNDtqYnhd-IEJKx6OmSzyAJ6UpLVikOuT20Uu7-r5I5IpkFrlPdi8TMT8thhniMBanzMkS56UfGlYrrtCuJwfaDsCVyhYbVdOFNoadFBaDiBHTdVfxOXOgIBKCqymxRn9nNON-jWgzY1UMCiy01VhC-u2aUbrYS_UCTzqrjIFAwcjuqU37OgjJKUkxSDf5ozZMc

Requested by

Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bee85b440c8a7debf815e374832553af4b7ab17ce63d76df439984e91fe74e27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/f7d191d6-73d6-46f5-8c9e-a7aefaf68ff4/
Redirect Chain

https://megapx.dcard.tw/v1/images/f7d191d6-73d6-46f5-8c9e-a7aefaf68ff4/responsive?width=32
https://megapx-assets.dcard.tw/images/f7d191d6-73d6-46f5-8c9e-a7aefaf68ff4/160.webp

6 KB
6 KB

856ms
855ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/f7d191d6-73d6-46f5-8c9e-a7aefaf68ff4/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d16cc62673aa21ca2967342c798753025f450ac1bb242a09a5d9f6a62168665d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdt90K2SRutsX9RXwxKcPPeAlppxAJT3FbrxmT3XhF9kDS424k-E6eQYxEmkLbbn0aWMqPL6HX56MO3LmCAfg75a_Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5982
last-modified: Mon, 31 Oct 2022 10:07:04 GMT
server: UploadServer
etag: "49984091dd04268a349a8e53d39d0cd8"
x-goog-generation: 1667210823939731
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=n0M5vw==, md5=SZhAkd0EJoo0mo5T050M2A==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 5982
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-cfbeec3c34789a7581e9aae92ef3c84b-1b378af002c2b2d8-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/f7d191d6-73d6-46f5-8c9e-a7aefaf68ff4/160.webp
cache-control: no-store
cf-ray: 76a470f01aec697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: cfbeec3c34789a7581e9aae92ef3c84b

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/bfa91223-116a-45cd-bdfd-d09f677545df/
Redirect Chain

https://megapx.dcard.tw/v1/images/bfa91223-116a-45cd-bdfd-d09f677545df/responsive?width=32
https://megapx-assets.dcard.tw/images/bfa91223-116a-45cd-bdfd-d09f677545df/160.webp

2 KB
2 KB

845ms
844ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/bfa91223-116a-45cd-bdfd-d09f677545df/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b3705e81a7e785ac273d460c863a77988b5509a69f57ff821ae75717cb0f257c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdvw0r8c0BV7RLN1XQOcFIyDFhTIxnOUuBDdRxPD47Y37Ojj1TWOS9O4LMDvmwViu_y1agwwO_iFvFU7XyZwb6YwEA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2120
last-modified: Mon, 19 Sep 2022 04:05:31 GMT
server: UploadServer
etag: "511679e75a936cc0e6dee526194587fe"
x-goog-generation: 1663560331222065
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=d9gJeQ==, md5=URZ551qTbMDm3uUmGUWH/g==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 2120
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:49 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-51391dbed6319fc54f27bef4ddf0427a-5803d49b400c1f06-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/bfa91223-116a-45cd-bdfd-d09f677545df/160.webp
cache-control: no-store
cf-ray: 76a470f01aed697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: 51391dbed6319fc54f27bef4ddf0427a

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/56b8f3a9-eac8-429b-a089-e5f4e98d76fb/
Redirect Chain

https://megapx.dcard.tw/v1/images/56b8f3a9-eac8-429b-a089-e5f4e98d76fb/responsive?width=32
https://megapx-assets.dcard.tw/images/56b8f3a9-eac8-429b-a089-e5f4e98d76fb/160.webp

2 KB
2 KB

850ms
850ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/56b8f3a9-eac8-429b-a089-e5f4e98d76fb/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 98b2eb57ecc2ac49066c0b2b3255d6efab586ed5b2331671c3afc43a228adc59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdt9Y8Ascc60o_fQPymZwTFCXfxJKZ7sqRaoBlqdpobpVvbJks_oTZC1fPW-wOK6w9Q45HUKIJ9Xu8_nafHdYMpReg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2276
last-modified: Mon, 19 Sep 2022 04:05:31 GMT
server: UploadServer
etag: "a40a9dcb02012e62e5823b7b0663a86a"
x-goog-generation: 1663560331235303
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=fLY/rg==, md5=pAqdywIBLmLlgjt7BmOoag==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 2276
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-336b82f1bcf3bda13300dd6b16d49c81-fe228d54a95cd9d7-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/56b8f3a9-eac8-429b-a089-e5f4e98d76fb/160.webp
cache-control: no-store
cf-ray: 76a470f01aee697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: 336b82f1bcf3bda13300dd6b16d49c81

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/603ec5a5-771b-4017-86af-669944db962f/
Redirect Chain

https://megapx.dcard.tw/v1/images/603ec5a5-771b-4017-86af-669944db962f/responsive?width=32
https://megapx-assets.dcard.tw/images/603ec5a5-771b-4017-86af-669944db962f/160.webp

1 KB
1 KB

858ms
857ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/603ec5a5-771b-4017-86af-669944db962f/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 85832b423ed22f0c697d03bb0916178a6b1ac360276aecf7120954715440388d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdsKiTaDFbO7IHsGyRFVl5tFiNciuIYe4iEAe8HUon6nW_rD6Jk7UzAuWcIS8CmKlF4QZvG3T2kHk1V-MqmLz8NxQw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1052
last-modified: Mon, 19 Sep 2022 04:05:31 GMT
server: UploadServer
etag: "99bb879136761743a0f24ccec4129418"
x-goog-generation: 1663560331127303
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=1TNOzA==, md5=mbuHkTZ2F0Og8kzOxBKUGA==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1052
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-dc2b3a5439d07457e7d01d895edecb5f-7271df0d199418f7-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/603ec5a5-771b-4017-86af-669944db962f/160.webp
cache-control: no-store
cf-ray: 76a470f01aef697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: dc2b3a5439d07457e7d01d895edecb5f

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/dd59578f-2bc1-43cd-a42f-dcdf214466e1/
Redirect Chain

https://megapx.dcard.tw/v1/images/dd59578f-2bc1-43cd-a42f-dcdf214466e1/responsive?width=32
https://megapx-assets.dcard.tw/images/dd59578f-2bc1-43cd-a42f-dcdf214466e1/160.webp

4 KB
4 KB

845ms
845ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/dd59578f-2bc1-43cd-a42f-dcdf214466e1/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9f9f54a216f448fd66a834ca3042c20157ec6c74fe1f96b90ff8c468243cb25f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdsDAtoz8bG1T_i4Ge4YVQGj6YURZhRhHBbatcv5IN9UlWisUTmKpQSwmf9lWFV3jojO9YyQSrSl_2kmlyz0dprgPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3650
last-modified: Mon, 19 Sep 2022 04:05:31 GMT
server: UploadServer
etag: "45748095d476092c07c78491ca36928d"
x-goog-generation: 1663560331240318
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=Siou0A==, md5=RXSAldR2CSwHx4SRyjaSjQ==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 3650
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-a1c92579a270932b489e677705a17cfc-09159e20545e30da-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/dd59578f-2bc1-43cd-a42f-dcdf214466e1/160.webp
cache-control: no-store
cf-ray: 76a470f01af0697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: a1c92579a270932b489e677705a17cfc

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/842431b2-87b7-440a-8b44-476f41679e8c/
Redirect Chain

https://megapx.dcard.tw/v1/images/842431b2-87b7-440a-8b44-476f41679e8c/responsive?width=32
https://megapx-assets.dcard.tw/images/842431b2-87b7-440a-8b44-476f41679e8c/160.webp

3 KB
3 KB

859ms
859ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/842431b2-87b7-440a-8b44-476f41679e8c/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7e6ce9e68597926b5be7d049d0e47f8cc539da878c3acb2477c4096ffdbabe1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdtIAOg-6FGzcE46TvDXCz4m3FJ1Gl3zpWBMjj8YmXoQcl8rR-r5BL-whWBwdgsKeBxBjyu7UYHnEaospJ0vIXY54w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3490
last-modified: Mon, 19 Sep 2022 04:05:31 GMT
server: UploadServer
etag: "caf4b340984f29dd74ef0766ead7d00f"
x-goog-generation: 1663560331169875
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=zYBEYA==, md5=yvSzQJhPKd107wdm6tfQDw==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 3490
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-0e94d10f26e504fcc36ef3e607343d98-45c6af646b9249fb-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/842431b2-87b7-440a-8b44-476f41679e8c/160.webp
cache-control: no-store
cf-ray: 76a470f01af1697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: 0e94d10f26e504fcc36ef3e607343d98

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/be2fce02-f97a-47e8-a4f5-769de29c100d/
Redirect Chain

https://megapx.dcard.tw/v1/images/be2fce02-f97a-47e8-a4f5-769de29c100d/responsive?width=32
https://megapx-assets.dcard.tw/images/be2fce02-f97a-47e8-a4f5-769de29c100d/160.webp

2 KB
2 KB

864ms
864ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/be2fce02-f97a-47e8-a4f5-769de29c100d/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 63f4a8a01a55420912a7f06a3758909f87f985f2b39277d09109d25128ec5c60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdukCLSTlent0kzP52QWmyW7G5bzjNGP5kGHQo-eowFiNkuDabzsCMCwSFoByMOo-fzKp8hNOAdZJ8oCxGSq-2e8mAJ2l3pq
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1920
last-modified: Mon, 19 Sep 2022 04:05:31 GMT
server: UploadServer
etag: "70de48124a99494ff54227cfb4e2f983"
x-goog-generation: 1663560331111942
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=XbQzVw==, md5=cN5IEkqZSU/1QifPtOL5gw==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1920
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-14b0fcfa11d037388a33ad9ef817fa84-77da48b4bc775eb3-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/be2fce02-f97a-47e8-a4f5-769de29c100d/160.webp
cache-control: no-store
cf-ray: 76a470f01af2697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: 14b0fcfa11d037388a33ad9ef817fa84

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/01f66d7c-6241-4161-adfa-152e32e266e7/
Redirect Chain

https://megapx.dcard.tw/v1/images/01f66d7c-6241-4161-adfa-152e32e266e7/responsive?width=32
https://megapx-assets.dcard.tw/images/01f66d7c-6241-4161-adfa-152e32e266e7/160.webp

556 B
593 B

854ms
854ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/01f66d7c-6241-4161-adfa-152e32e266e7/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 44d48be70ee82e1c8da7697ccffcde3d66ae5598bc70ad9e1dd4b0adc2438f9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdu2fYrs2WxJW0AJG-dwbgbao51UfM8Ww8-I9APkxJTeGhS0NfMNHZkaxQXfSTg8Tis_wFNPpRB3EdgRrVUpbhyFnw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 556
last-modified: Mon, 19 Sep 2022 04:05:31 GMT
server: UploadServer
etag: "6a499bafc2a9c2cc615914f102a71824"
x-goog-generation: 1663560331169912
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=I/712w==, md5=akmbr8KpwsxhWRTxAqcYJA==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 556
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-d17005c486c567592492d06ec1b3a5bd-6b9da7dab042f17b-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/01f66d7c-6241-4161-adfa-152e32e266e7/160.webp
cache-control: no-store
cf-ray: 76a470f01af4697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: d17005c486c567592492d06ec1b3a5bd

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/b8847b92-3078-4a64-9347-46b1f9dec400/
Redirect Chain

https://megapx.dcard.tw/v1/images/b8847b92-3078-4a64-9347-46b1f9dec400/responsive?width=32
https://megapx-assets.dcard.tw/images/b8847b92-3078-4a64-9347-46b1f9dec400/160.webp

3 KB
3 KB

883ms
883ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/b8847b92-3078-4a64-9347-46b1f9dec400/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: db59fb135cbcc4d8e7b6a104f6141e972d80ac263d5804797572ad9d5d39d168

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdvYd8lr0SsaVYrt7KylmpZofYV3MrSN_Y7KG_lbjj_gZNZ8_i6KLQJSHAw-amhfOK0M3PSkpGmx6RRHbov7QmrTRA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2774
last-modified: Mon, 19 Sep 2022 04:05:31 GMT
server: UploadServer
etag: "ccc47f28307020a839390c69f706bc66"
x-goog-generation: 1663560331274899
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=leqv/g==, md5=zMR/KDBwIKg5OQxp9wa8Zg==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 2774
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-724d01cf3b284da9a016634aca7d18f4-725304b3eb190005-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/b8847b92-3078-4a64-9347-46b1f9dec400/160.webp
cache-control: no-store
cf-ray: 76a470f01af5697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: 724d01cf3b284da9a016634aca7d18f4

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/20072bad-8775-4100-af6e-afbb95e9509e/
Redirect Chain

https://megapx.dcard.tw/v1/images/20072bad-8775-4100-af6e-afbb95e9509e/responsive?width=32
https://megapx-assets.dcard.tw/images/20072bad-8775-4100-af6e-afbb95e9509e/160.webp

3 KB
3 KB

846ms
845ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/20072bad-8775-4100-af6e-afbb95e9509e/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4ca5c1818628636a6c5e43a58f851a1f93e4719ba6f8bde3b76a7ecb758300ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdthsrtu2FhM_XRVP6hbtaSmvy0lJ9QKbkQQY_kiZ9D4MvNQeUB8fgWdeLCFDwhbuSo6JRVKNtrIbtSHiXcxQUGYqA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2666
last-modified: Mon, 19 Sep 2022 04:05:31 GMT
server: UploadServer
etag: "23a35c94002de47a21f4f7601e91a432"
x-goog-generation: 1663560331303595
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=bQ4Y9Q==, md5=I6NclAAt5Hoh9PdgHpGkMg==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 2666
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-755b0649a553d17bbf650aba7cd42c13-bb4d923ca6c1a95a-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/20072bad-8775-4100-af6e-afbb95e9509e/160.webp
cache-control: no-store
cf-ray: 76a470f01af6697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: 755b0649a553d17bbf650aba7cd42c13

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/a9850752-eb00-4e64-b910-36e1edf4314b/
Redirect Chain

https://megapx.dcard.tw/v1/images/a9850752-eb00-4e64-b910-36e1edf4314b/responsive?width=32
https://megapx-assets.dcard.tw/images/a9850752-eb00-4e64-b910-36e1edf4314b/160.webp

718 B
747 B

868ms
868ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/a9850752-eb00-4e64-b910-36e1edf4314b/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ab552134bb583e972e5935e3e0c598d22821358cb643b3a28e071eedfd0a1cce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycduRSo-OloHPB-_CAahTwNB-Wom9mnnnncUhhTlmFP8jsYVtxibaRsDBL68aXN5qnMZ56vT1Q2kUmkNiaF60y_UcGQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 718
last-modified: Mon, 19 Sep 2022 04:05:31 GMT
server: UploadServer
etag: "a1245e709e6fc7270292d23d033d7014"
x-goog-generation: 1663560331105945
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=Ap+yig==, md5=oSRecJ5vxycCktI9Az1wFA==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 718
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-9991646f0047f7eb75dade94b6d25dd8-314abedb68459bb0-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/a9850752-eb00-4e64-b910-36e1edf4314b/160.webp
cache-control: no-store
cf-ray: 76a470f01af8697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: 9991646f0047f7eb75dade94b6d25dd8

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/8cc95d8a-3395-4f11-8d88-732e15ddf3ce/
Redirect Chain

https://megapx.dcard.tw/v1/images/8cc95d8a-3395-4f11-8d88-732e15ddf3ce/responsive?width=32
https://megapx-assets.dcard.tw/images/8cc95d8a-3395-4f11-8d88-732e15ddf3ce/160.webp

3 KB
3 KB

863ms
863ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/8cc95d8a-3395-4f11-8d88-732e15ddf3ce/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8a0da652369f481875d34bcda1de6ab1cef6a2f59e3bc3892b7322eb18e1701e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycduriNytmQMB5THZrlMANk1gSDd_TIV3Ii25uqA5_Ylv7_7MKsAY3Wy-yHgMH-7MVmzgwIqpLEAObjP2BzSIN6oAiQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3028
last-modified: Mon, 19 Sep 2022 04:05:31 GMT
server: UploadServer
etag: "55ff1892c0b7e9dd94b56052755ceb7c"
x-goog-generation: 1663560331330856
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=jpO/rQ==, md5=Vf8YksC36d2UtWBSdVzrfA==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 3028
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-f6b244cc39890bf4823d8c47c6b5ae7a-976ebd2cdd23a5db-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/8cc95d8a-3395-4f11-8d88-732e15ddf3ce/160.webp
cache-control: no-store
cf-ray: 76a470f01af9697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: f6b244cc39890bf4823d8c47c6b5ae7a

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/2ea9b1f3-2aef-4fdd-88af-5e175c2865d4/
Redirect Chain

https://megapx.dcard.tw/v1/images/2ea9b1f3-2aef-4fdd-88af-5e175c2865d4/responsive?width=32
https://megapx-assets.dcard.tw/images/2ea9b1f3-2aef-4fdd-88af-5e175c2865d4/160.webp

2 KB
2 KB

842ms
842ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/2ea9b1f3-2aef-4fdd-88af-5e175c2865d4/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8225199135a702e825b9906a3fc4a5dfca4d565d9a4a5383ee3da3c32c776d93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdu7l6E2g5bhYQMMNGyEL59zeRx0BqsHybSnEGxYwL4DZsikdknaH9g8GEr7KoKcsQ-XRYLt6zz2alUeUu6Pen5MBw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1732
last-modified: Mon, 19 Sep 2022 04:05:31 GMT
server: UploadServer
etag: "1726508266a9c4826bb13864c08c1a59"
x-goog-generation: 1663560331191009
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=CVhl2g==, md5=FyZQgmapxIJrsThkwIwaWQ==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1732
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-bfa0879726e991611a5272965d0647b8-057e049f5edef356-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/2ea9b1f3-2aef-4fdd-88af-5e175c2865d4/160.webp
cache-control: no-store
cf-ray: 76a470f01afb697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: bfa0879726e991611a5272965d0647b8

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/a74ad8f7-0a31-4d3c-bbaa-18cac681d6ba/
Redirect Chain

https://megapx.dcard.tw/v1/images/a74ad8f7-0a31-4d3c-bbaa-18cac681d6ba/responsive?width=32
https://megapx-assets.dcard.tw/images/a74ad8f7-0a31-4d3c-bbaa-18cac681d6ba/160.webp

2 KB
2 KB

848ms
848ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/a74ad8f7-0a31-4d3c-bbaa-18cac681d6ba/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8c8ca30b4fb87e8147a39a60c46da011a3509f9377e780df41d716e188c1675f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdsb6I7w1hzHgtLu5qk1ELhXHiPUSLXbi8i95i_GfGm0TLD3V_I0WsqwEV0JMdUbPSHWbYL3UGYRtyVQowVUIhNIZvfb8Ba8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1852
last-modified: Mon, 19 Sep 2022 04:05:31 GMT
server: UploadServer
etag: "71b672be71ac89e23c8a612148aabecc"
x-goog-generation: 1663560331183296
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=Vgcs5g==, md5=cbZyvnGsieI8imEhSKq+zA==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1852
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-2261ab26299a01fb373a376e2fdb7e01-31f91b388375257b-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/a74ad8f7-0a31-4d3c-bbaa-18cac681d6ba/160.webp
cache-control: no-store
cf-ray: 76a470f01afc697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: 2261ab26299a01fb373a376e2fdb7e01

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/a5037adb-3cb4-41a4-8103-779646e4535f/
Redirect Chain

https://megapx.dcard.tw/v1/images/a5037adb-3cb4-41a4-8103-779646e4535f/responsive?width=32
https://megapx-assets.dcard.tw/images/a5037adb-3cb4-41a4-8103-779646e4535f/160.webp

3 KB
3 KB

848ms
847ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/a5037adb-3cb4-41a4-8103-779646e4535f/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f768a55b84bbe5c77fb374af98cdf5b75783b3673250f0a8415ad96218700057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycduz1bN0xzkB_wIGR_U_vaFg4oGNpicCUsji1JBxA62PAdLe1sfvF7yTte-9Pzv3_7hQicjBX-_aP1ep7f0fXSeYFg9oxP1C
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3370
last-modified: Mon, 19 Sep 2022 04:05:31 GMT
server: UploadServer
etag: "33847859dc95c59840a8770a761423f8"
x-goog-generation: 1663560331105524
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=GLhKow==, md5=M4R4WdyVxZhAqHcKdhQj+A==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 3370
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-75a478c990e78f49f6a37f5fb7c6cb8f-320e82a9b3541775-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/a5037adb-3cb4-41a4-8103-779646e4535f/160.webp
cache-control: no-store
cf-ray: 76a470f01afd697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: 75a478c990e78f49f6a37f5fb7c6cb8f

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/88023499-70e6-426d-ac0f-468180eb143c/
Redirect Chain

https://megapx.dcard.tw/v1/images/88023499-70e6-426d-ac0f-468180eb143c/responsive?width=32
https://megapx-assets.dcard.tw/images/88023499-70e6-426d-ac0f-468180eb143c/160.webp

956 B
995 B

846ms
846ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/88023499-70e6-426d-ac0f-468180eb143c/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9c7f40c41c665dea8972f801f21bff0961710681f75caa4dc1f77738c4ace21e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycdv8CAWK8TfeoR7hq1GlDhxWqAaVmNQxBE88I4LfHnGI3JwH9NEx2jccrMWkWhs-HqNKWQN_PhDIAOh43aqYnbH4xw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 956
last-modified: Mon, 19 Sep 2022 04:49:26 GMT
server: UploadServer
etag: "d451f1d1b3ceb5f6eab59665b3433e0d"
x-goog-generation: 1663562966833732
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=/+i+GQ==, md5=1FHx0bPOtfbqtZZls0M+DQ==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 956
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-d176daf84236c90a2197760611207475-960ae37eef94cc4e-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/88023499-70e6-426d-ac0f-468180eb143c/160.webp
cache-control: no-store
cf-ray: 76a470f01afe697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: d176daf84236c90a2197760611207475

GET
H3

200

160.webp
megapx-assets.dcard.tw/images/59fb00da-c217-4b1a-b709-46e21be3076c/
Redirect Chain

https://megapx.dcard.tw/v1/images/59fb00da-c217-4b1a-b709-46e21be3076c/responsive?width=32
https://megapx-assets.dcard.tw/images/59fb00da-c217-4b1a-b709-46e21be3076c/160.webp

3 KB
3 KB

845ms
845ms

Image
image/webp

34.149.157.153
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megapx-assets.dcard.tw/images/59fb00da-c217-4b1a-b709-46e21be3076c/160.webp
Protocol: H3
Server: 34.149.157.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 153.157.149.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4fd20797ddc4b890e63f91c523ffd9880feb5a2a298b5a820bbc4057c7353fe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 02:08:49 GMT
via: 1.1 google
x-guploader-uploadid: ADPycduGKlqR6bEKiACPRwQOWT6LQpD2PrScRpt_7Gp2EAEHc8ZlyVaRl00nLBYAlnbtak9w3s91Qtk1I-x2L4NAwdfpeg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3236
last-modified: Mon, 19 Sep 2022 04:34:20 GMT
server: UploadServer
etag: "e032c9a2b2ac25d69831d140a4112a0d"
x-goog-generation: 1663562060740863
content-type: image/webp
access-control-allow-origin: *
x-goog-hash: crc32c=AdX+kA==, md5=4DLJorKsJdaYMdFApBEqDQ==
access-control-expose-headers: *
cache-control: public, max-age=31536000
x-goog-stored-content-length: 3236
accept-ranges: bytes
expires: Wed, 15 Nov 2023 02:08:49 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: BYPASS
server: cloudflare
traceparent: 00-6bccccdbbd0958f81947ae7bbe2ca030-33a74d1978ec6df1-01
vary: Origin, Accept
content-type: application/json; charset=utf-8
location: https://megapx-assets.dcard.tw/images/59fb00da-c217-4b1a-b709-46e21be3076c/160.webp
cache-control: no-store
cf-ray: 76a470f01aff697b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94
dc-trace-id: 6bccccdbbd0958f81947ae7bbe2ca030

GET
H/1.1

204
No Content

event.png
tpsc-eu3.doubleverify.com/ Frame 6DD5
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tpsc-eu3&param=akipv6&impid=42adc612c8f8452e84c7b4995a15ee47&dup=&cbust=1668478128657158
https://tpsc-eu3.doubleverify.com/event.png?impid=42adc612c8f8452e84c7b4995a15ee47&akipv6=2001:1b60:2:240:3247::2&dup=

0
157 B

72ms
23ms

Image
text/plain

34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=42adc612c8f8452e84c7b4995a15ee47&akipv6=2001:1b60:2:240:3247::2&dup=
Requested by: Host: 7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
URL: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Nov 2022 02:08:48 GMT
Cache-Control: max-age=0
Connection: close
Expires: 11/14/2022 02:08:48

Redirect headers

Location: https://tpsc-eu3.doubleverify.com/event.png?impid=42adc612c8f8452e84c7b4995a15ee47&akipv6=2001:1b60:2:240:3247::2&dup=
Date: Tue, 15 Nov 2022 02:08:48 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A31F 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZFWihXZfkd2_2kj-B85LccNXa1_e5xkyR1Dk-JbfEIoyziNNUtrgFZwGtxbe2Q3xcsf6wUB5ad_5ILVec3iEL9Lr5K-Za&sig=Cg0ArKJSzPiFeX5L19S-EAE&id=lidar2&mcvt=1001&p=0,0,600,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=1964084963&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668478126798&rpt=1239&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A31F 42 B
64 B 65ms
65ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZvXpLDwk4NkQgJX3e3JuYSoD9iP6AYit_XtA_eCTtMO19S15Sh_wlKfqmHUYkQtZTcTFOg5L2uVn5Bghjurf2pnspelAjkrQHL1Gyt05WYIIqaV_G9ihFnrMksEcrR4NcfTni3A&sai=AMfl-YRpGH6fo4504t5YqpfHxLfuWrj65_VtTxyW08b6gNx7TTlOgf_yxrSB3CPPZAtzI-ZQR1W9rcJaxAmuMAAazP_JmqX1YjH1SPuttP3CfSNiSG0taq799FzQyAwk7Q&sig=Cg0ArKJSzK30eP66j9WfEAE&cid=CAQSOwDq26N9t4I7kr1JSgCzkSihG-cxUbsy4kaA1lxDwTwMlIOfXf7nwAregHgSfEEP6VMMU8jrlsqBDp_YGAEgEw&id=lidar2&mcvt=1005&p=588,1120,1192,1420&mtos=0,1005,1005,1005,1005&tos=0,1005,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=3364725108&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668478126798&rpt=1235&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 70ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CEXCPM63ZK&gtm=2oeb90&_p=256374848&cid=209539654.1668478126&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1668478126&sct=1&seg=1&dl=https%3A%2F%2Fwww.dtto.com%2Ff&dt=Dtto%20%7C%20Social%20media%20platform%20for%20college%20students&en=page_view&_ee=1&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CEXCPM63ZK&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dtto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 02:08:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dtto.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame 6DD5 0
229 B 76ms
24ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=42adc612c8f8452e84c7b4995a15ee47&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=551&eoid=12&msrjs=3130&dvp_ac_version=0810&dvp_acibv=&bsigr=19860147274240&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=0&tetms=10&msltms=46&vltms=551&sei=289&vetms=8&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=44&isumms=43&nvr=6&isgmmims=44&isgmv4mims=44&elmtp=6&isbxdms=2643&b0=100&b11=2643&adhgt=600&adwdth=300&norwdth=300&norhgt=600&vsos=9&dvp_vsosnmr=16&lftb=2743&sftb=2743&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=600&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1043&isuiabvms=1043&isgmpims=150&isgmv4dpims=1043&ispmxpms=1043&engalms=41&dvp_dpr=1&ttfurm=3589&cbust=1668478131657382
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3130.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 15 Nov 2022 02:08:51 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 11/14/2022 02:08:51

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJzOm1M27eFRGYyNyxB-6Tg&google_cver=1&google_push=ASkJ3FbNlXfSl0Xu43Sh4idzyCyh8IeRE1jt0R3SvkPUUx_1hT_a_2swN40CoPwyeSx0hpkvopgervL4ASr8Z1rmgwRzLjZ_id1Q

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dtto.com/	1969-12-31 23:59:59	Name: __cfruid Value: 6ad2dcb6b0ef4dc20e5d24865fcc951a1c5c14e7-1668478123
.dcard.tw/	1969-12-31 23:59:59	Name: _cfuvid Value: OjOIj2Q_vMMI.pd0rfz6TB0tCL8XLgAX1ML4xRJzGn8-1668478124216-0-604800000
.dtto.com/	1970-01-20 09:37:34	Name: _gcl_au Value: 1.1.1638837687.1668478126
.dtto.com/	1970-01-20 07:29:24	Name: _gid Value: GA1.2.590510724.1668478126
.dtto.com/	1970-01-20 07:27:58	Name: _gat Value: 1
.dtto.com/	1970-01-20 17:03:58	Name: _ga Value: GA1.1.209539654.1668478126
.dtto.com/	1970-01-20 17:03:58	Name: _ga_CEXCPM63ZK Value: GS1.1.1668478126.1.1.1668478126.0.0.0
.dtto.com/	1970-01-20 09:37:34	Name: _fbp Value: fb.1.1668478126256.1284218175
.t.co/	1970-01-20 17:03:58	Name: muc_ads Value: 0558b38d-abaf-4cb6-a791-5686a1b3aed6
.www.dtto.com/	1970-01-20 17:03:58	Name: __lt__cid Value: 7b848c81-44c5-4e8f-8ccb-26e55561342c
.www.dtto.com/	1970-01-20 07:27:59	Name: __lt__sid Value: ff1e31ce-edf9ed71
.twitter.com/	1970-01-20 17:03:58	Name: personalization_id Value: "v1_6hvB6ku+ne2HxgOinXx0LA=="
.doubleclick.net/	1970-01-20 16:49:34	Name: IDE Value: AHWqTUk7pk_C0Wrz-il-R0pjAjCXHZ1u7MGis0tMXhGWZjJv7nKA8PiXJXLgEi0I0JQ
.dtto.com/	1970-01-20 16:49:34	Name: __gads Value: ID=772de5759b671638:T=1668478126:S=ALNI_MZMjf4vqv36SSFhb5g375NnF2NtvA
.dtto.com/	1970-01-20 16:49:34	Name: __gpi Value: UID=00000b81897d1a55:T=1668478126:RT=1668478126:S=ALNI_MYHiqQGvYuBsetqas5lqNgd8Gl7XQ
.doubleclick.net/	1970-01-20 07:28:01	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 09:37:34	Name: uuid2 Value: 7074542376732920602
.adnxs.com/	1970-01-20 09:37:34	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?lij+tm!]tbPl1M>e)ZlrFUfJ+tGXxo<E89fJNSgX?9%U#P@4zqn@Jn*'YvqmsZj@B03If)y3KL9D3I?+RZaaMw
.casalemedia.com/	1970-01-20 16:13:34	Name: CMID Value: Y3L0r45eGsjahThPggUPhgAA
.casalemedia.com/	1970-01-20 09:37:34	Name: CMPS Value: 3285
.casalemedia.com/	1970-01-20 09:37:34	Name: CMPRO Value: 3285
.line.me/	1970-01-20 17:03:58	Name: _ldbrbid Value: tr__k1y/XGNy9K8iw+BaSc67Ag==
.bluekai.com/	1970-01-20 11:47:10	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 11:47:10	Name: bkpa Value: KJyN0AWvQY9xxBcENajc7DWU63SnH9ABoWQB7qXxU4fcPy2nDLWu67JhjGkbgizUiKkBHuSfz385BMfIJguQ9lqqZh7F7usiQU5EXOYxc/tlBgVGExOF295kTYE2
.bluekai.com/	1970-01-20 11:47:10	Name: bku Value: ts6O9vd6zZmEiiQh
.innovid.com/	1970-01-20 09:37:34	Name: uuid Value: 298fcaad-b70f-4477-933a-deaf836b734f-20221114 21:08:47
.e.dlx.addthis.com/	1970-01-20 16:58:12	Name: na_tc Value: Y
.pubmatic.com/	1970-01-20 07:29:24	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 09:37:34	Name: KADUSERCOOKIE Value: 9C774208-3BDF-414F-BB96-D687048656BF
.addthis.com/	1970-01-20 16:58:12	Name: na_id Value: 2022111502084700018269577099
.addthis.com/	1970-01-20 16:58:12	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:58:12	Name: uid Value: 6372f4af8c95e70c
.addthis.com/	1970-01-20 16:58:12	Name: ouid Value: 6372f4af00016119135079b88b6f9660da9981b6d61dae4b5ab1
.dlx.addthis.com/	1970-01-20 08:11:10	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 08:11:10	Name: na_sr Value: 20221115
.dlx.addthis.com/	1970-01-20 07:27:58	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 08:11:10	Name: na_sc_e Value: 0
.casalemedia.com/	1970-01-20 09:37:34	Name: CMTS Value: 3242
.quantserve.com/	1970-01-20 09:37:34	Name: d Value: EHUBCQHKJ4EA
.quantserve.com/	1970-01-20 16:58:12	Name: mc Value: 6372f4b0-200fd-ea654-73a32

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FZWcn2mcJjcRkgSUSy68imXpg6caNUcj39F7_2A-tJmDh7NEXAejDSCeDwvzeHOvbxkxXYS8NWyGWwo5azWYLixZeWiayk&google_gid=CAESECa89ASHYnIG5_q912NB7Qs&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJzOm1M27eFRGYyNyxB-6Tg&google_cver=1&google_push=ASkJ3FbNlXfSl0Xu43Sh4idzyCyh8IeRE1jt0R3SvkPUUx_1hT_a_2swN40CoPwyeSx0hpkvopgervL4ASr8Z1rmgwRzLjZ_id1Q Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7c23bb7a59ee2f0913bc5d76806debea.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.twitter.com
bilanx.dtto.com
cdn.ampproject.org
cdn.doubleverify.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d.line-scdn.net
dsum-sec.casalemedia.com
dtto.com
e.dlx.addthis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imgur.dcard.tw
megapx-assets.dcard.tw
megapx.dcard.tw
odr.mookie1.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
region1.google-analytics.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sentry.io
ssum-sec.casalemedia.com
static.ads-twitter.com
static.cloudflareinsights.com
sync.teads.tv
t.co
tags.bluekai.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
tr.line.me
us-u.openx.net
www.dtto.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
googlecm.hit.gemius.pl
104.18.33.19
104.244.42.133
104.244.42.3
108.157.4.121
142.250.185.226
147.92.191.92
172.217.16.198
185.64.190.78
185.80.39.216
199.232.136.157
2001:4860:4802:32::36
216.58.212.162
23.11.239.181
2606:4700:4400::6812:252c
2606:4700::6810:3965
2606:4700::6810:cc3a
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:801::2002
2a00:1450:4001:801::2004
2a00:1450:4001:802::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2006
2a00:1450:4001:830::2001
2a02:26f0:1700:3::5f65:1ba7
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d01c:1d8:8100:3d7c:b3e5:1d0f:44c5
34.149.12.213
34.149.157.153
34.98.64.218
34.98.67.61
35.186.253.211
35.188.42.15
35.244.174.68
37.252.171.85
69.173.144.139
88.221.168.166
88.221.169.95
00d0acfeda533af73b33d2094a02964dc3079a7d771304d4d780ac5372500926
0119994290d4729b216aa0237696536107bc78baf11c8a9ddf29fb785bbdf905
01399baa87f00c6f67217a0401b2a7289f57df1699118dd704b70641936b911c
01ac1cd9c642896c4eeea5ff222b75e35aea5e616cab38f1887be300aff2fe8f
04ee4555b4b3748ec55adf860d7a55c0530a42aeed6b1c234d6cd332f0393ef4
0561b5c2990866d43897d2b2b70170c30904c4dcb45cde18ea86bcc4b5200823
06b2634b2b940739dcfd628497b0905a38ea85099f97b3f81f2f2221d083dea8
08a78d85117790a5ab2c47455af0b00256459841773e19d471836f103ef310b5
08fd2b7e868d8c0d45a1fd1ae67e1810c982afeefe79677a6fe4d38f0d857ddb
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0afedc954bed8cbef25bec4ca8491308683dbba69b2bcdb9d21cb4c1b6c700a6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0b532aaf2341df2625801caa80e6507e0a5e6823062c559b4dad3cbe9fda4d
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
1248d4d779a8fbe011a884e4fdaa4a4d4a271ae9cf4e37db8e66c887c4dbaa78
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15adb2599a55543c8f045b678612eeac27e8ed0b9918a6d7c2cfb872b9505b91
17a90007763129fb942eb1e42d6ae0a02cff037f7cee75fb8a79afa9afc69d5e
18e527f37125bb009239801a6219cd0205807fadb4973e0eca8f016420250e32
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1fc1cbeb7ce2869f4b50b6462d47e8bfcde492b47a681baa4d9e4699422025d6
236692fe82b633b9dad49d74163cf61b8b288d7f9297d92b019e2e0490ab90fb
23e5ea2e3be11df00300c8bddac3eaea090fb569bc430be202f5ce638fc57ca6
242b827c6acc5c9dfa4e40b98e9e4a1e7421964cc7e0133e0aec5f13ff1f25eb
24c189fd64deacf3883b5e4c6eb13166eaf4557eea1b37d4da30608beb368197
271f234ab67ca1d0b928356876f41058e08eb9cac0f543ae123006c54a617b75
27d570f14bb17dbe1ccafeaac817f17aa6f63e8e199c8878fd181df4c0ca148b
28536fa93b6024ac3bd9329c9e47f3a5430563cc5928d05a42af4e6bd9e41eec
2ac0bfe0a4791013f6e54a77dc75009eab60aceded9041f6fc3a6396f75af809
2b6373c7f640889e490f0da4f5b88a47e2187e49c3ee7e940ce98bec28ccddac
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2eb426bd2df92dd9fc6146fa3972ae23947ffcf0fd1630dfc8df5182e5ccc828
3088e63d7226775cb86b94f572b4f465fd3c006fd67dd4c442c576a6b1ea91c6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31fd180b4d5812c45a9d2010e1ac4f8968726bb4c4bfe92179b1a9a198c31ee9
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
356337b76d7f4b9160c875e583b6cee03d68779b3a4122503a07f54ecfa8499f
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37ceb009ac38005793b361babaa0b4b5970c029c5854f0198b418fe672e4e7f9
38d911dfbecf6d52b9721e8b84f0f17e313a35f47a0f1b7f4cda8766cd12113c
4183df159403f4b434fe94d3243ed902206fabc033653a37d95a23e71c2c9c50
426ee0236cee8f3a865445ae2490d16ffd726477506b4da8c1ca9c719824577a
43d25cbd913c9c11c817e2a13dd1b8ba5266193368cad328ba58cc5ef40eaae1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441b7c57ec8279421e0f613423cac619a7e16f0b729849ded7feea7bc01d622e
4445b2cd69596ff0d8e18c614443f12c441f05111755c2d64f64366068b6e68c
44d48be70ee82e1c8da7697ccffcde3d66ae5598bc70ad9e1dd4b0adc2438f9d
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4782439d86c1e5d446dd82c371f600d9088b2d495179d4f18959c349eb5dc891
49377ad707c426f4c9e75ee86232406b9fe4e497191762c38fe0098a60b52103
49cb320e70318f3e92fa92494c530bf3bbf0b481738bd43ba6665d51920ff684
4a56195022c079db57a6aba03a355b21b8553f025bdcfdfc46777b63ca5c6257
4b17bfedca5bf1099ec2a1ff8583e75559cb22af331ebb37ba747abee37faf01
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ca5c1818628636a6c5e43a58f851a1f93e4719ba6f8bde3b76a7ecb758300ea
4db00624d1251f8677dc1a1c77b7e367ff03fa722399540bd933fa1c73725a1c
4de08e9e4f7fe504bf180386c75f7f12b2e2b852fc6f003d282874bb8018d0a1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fd20797ddc4b890e63f91c523ffd9880feb5a2a298b5a820bbc4057c7353fe4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5182ae6795f103085d25f0aeae4b8b1aace2c64515035b225b26a13e055c5cc4
51d57a6cb474d30a384503f9489427d08c688ca40e0ea37f31706d81486d9d4e
52c3181bdd6fa90a14bb3fddc1162ec72a6e9de45c331af7f441173fd4984b5b
53a4cae5e4c333469d81ba7724ee2ba53f4bf898dba15ad38cf8f9dde129ae27
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f08f65f3314322d257398acd659ae0bb102e65f62ee5c26daece91d36102d0
5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3
5dbdf681d8276a3c342db241c301c634ca81db30af7f3c67fdc327a68a52070a
609391ffb78e68c288f29447805c789be7d52d5b36a4e3833e8d1e2a08dcbe40
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6222fe0cd7d0f51ff664c0aec5ac374ba7c66fb818bff01c43cf2eb651343c73
628e833b30a114c3c244e01b37971d8557e5a698f47341a5c6cbd9b0e5d926b6
634fc8a1672438d919bb857e05d3f7d82ddc56711af424303b580e7e88b12f90
63f4a8a01a55420912a7f06a3758909f87f985f2b39277d09109d25128ec5c60
64b66ecab9e4243760888a8dadae1d5d3e5cb734ba3c4fd23eedcfa7beb99f1d
6555dc661b39db95fa7646e32a6f9010178c1dd012c2157d017b08a26c06405c
66d8ed167cc299575192559b75eb144c1e9ddbfb2fab3030e7dd338dee25a199
694bec05ec8bd849c918c72fc562f0a846088a6dada5df02de7dd3a2ac2eb786
69fa5f6a24722a5a543077f698f3a7803b4b018d636cb31eb93ae24e992e425e
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
7268e9fff51614a8b7b2c58bee8144d420df4a41662f1c0d4d258683dd36ba3c
7344ad6681e82afd9fea9fc1701634a5203d997aaae5a9d70cbaef697b1881be
7396e7847036871acdf046f207e8152778ce2a9cc7a29dd593f64151ed62a7dc
73b17e5622c277226f400ebdff58792fb1e1710dde3d66199fd21ff46f65a37a
74b02571827f551a6cb5b3a42b0239c4a7d2c00bcd5a9f8de9e8c6d955133596
76860def2b4142e3c665d7df7f65e708a8374bb81f8b3640798de6f4a00eec75
76fa9922b0c8912a6765b0b6d498c2f1997e7f5fe60e185679e0b02c8ec8bdf1
777c02b5e26ed37204a220e5a86884a9501a100c90ccc9fbbdce8f3c2ba58797
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7a661c8beb99f57cd116c079606d235b5abffec848f7dce250d90932592c67fe
7d02c6bffcc569989a414c4948fcde02486056854bcf5fdbbb4a2e66ba029be3
7e6ce9e68597926b5be7d049d0e47f8cc539da878c3acb2477c4096ffdbabe1a
7f116ce064296bb68f5adc78f16e0298efd4a0db15077406976147f6ce69a5b8
8090ff4811ed86e34450c2885b8061e2885c301aff74597988ab5cbb978ed4fd
8225199135a702e825b9906a3fc4a5dfca4d565d9a4a5383ee3da3c32c776d93
834c116086d5efe18d8b434bd9019619802b5ac47540d0a59db01117f876b61c
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85832b423ed22f0c697d03bb0916178a6b1ac360276aecf7120954715440388d
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
87e897d5a812b332e575d766382358735b492905c15aa8ed690ec6dd11ecad19
88cb1d117f75cfe109f18e7f3c69007756ef23ddf2570ff32b3605997c73de5d
88edee81704b21b8e047f9b3b80498f4f970c6077fac356be4eaa82813d5b4d5
8a0da652369f481875d34bcda1de6ab1cef6a2f59e3bc3892b7322eb18e1701e
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8b300cef81c33f00afe4c851e14e0ca7de24413970b98691bb8b99265a5ad24e
8c8ca30b4fb87e8147a39a60c46da011a3509f9377e780df41d716e188c1675f
8d56d6ab9442a14f273b082897620fbe5b9c763a9e8b1c3dd29f55297cda48fa
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
8f838c807ff9fffa19ef81e9ba11530361339b32d8243c273baf687bd8118126
8fdb586d912921f1b0f9e70f27085c7a4591a5db166acbf2e288a057f895cfcd
9126aa152f75f8a0385289baba5d603e9b4ca071318ccc0efd192b8a42098644
9562b3f6c3d21163fb20ba2c524c6b7c9852078b88bf28175c32613a8c05f292
95b1acb3a50a4fa9f65648dbb22ab62ee66679d90d1bb20bed349e39203bcc82
98b1194a7053041193519e5ce99f1ced1be25876fcceace435586ee752fab66f
98b2eb57ecc2ac49066c0b2b3255d6efab586ed5b2331671c3afc43a228adc59
98ec4ed14adbf73b89e413f4eef7bddbb9d52b79ca4cfbc0e8533d659db8c333
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c7f40c41c665dea8972f801f21bff0961710681f75caa4dc1f77738c4ace21e
9ce3b5c4234a82787d531a299f04a38920fb501e43c17f608be8deb7dbe11b36
9e1a02a0db42011570ff8a5277d6717bcb5f9c790b24a2bfe9a7cb67a6e1e7c7
9e3c4ffc7667e0c48b0d59757af39452615ffed9c10d822f60ed55df5c5d7897
9f9f54a216f448fd66a834ca3042c20157ec6c74fe1f96b90ff8c468243cb25f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff773ed1b2ef8ea1f3255599988f148995c89a88c57b94e1d5a51ad12b62f1b
a003aad25c727636df00a5447d9a21d1fbc879d18da7309a51ff859f7f36c614
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2868202b2fac677a2b61bdff511bd74fa62b16aa8a1554019fbdb505b018528
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a8debb352b0305029486ab930f9be2f973975794b5cd98d35a61f110de9d7991
ab552134bb583e972e5935e3e0c598d22821358cb643b3a28e071eedfd0a1cce
ac3eaa0a0962c0f7585b7616224752270f7ee5835d1c75975f1f36f6347dab92
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad02300b942922661c3a394159ea6609bdf2d3e9c48dd2d618c4414bbe986e59
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
af0437ace7f3b6502fcd6003821ed1a448009dee53390dc06f4d2512984d2820
af4623890dd7d43707b59a445c5ec22ed45234d6494896cda1ba286eb65635cc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2fbb2b1eb1ced32480a529830153a6897fa81ecee4781a49857d9b3502c6ac5
b3705e81a7e785ac273d460c863a77988b5509a69f57ff821ae75717cb0f257c
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b43d4d1220e49b70af1e3d4053ce95b681382705c4412d920993105e855b666a
b57c7e0fcaaed10f4d99b445db6e98dc8fa7f14636c3e57b00a4a739f6aed8dc
b588388326a9d3d30442904afd354fbb2f1feeb88ffca342e1c2f0391a692910
b8d6322ca32ce3a55136c371c104bfb9a08ad942b2b63152269eef2590c132de
bb629e74741734f357fcc6f4b04d7479f04be72e6622305aded71cc872edacca
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
bde2fbffac90405f2e77ee244bede51b9ccbc906bfa38b213444b2c1bf1f1a5e
bee85b440c8a7debf815e374832553af4b7ab17ce63d76df439984e91fe74e27
c0a4e38e6642c9ceff6bf2ffe36a92930ffa5089bdbfc4e442890a6d11fd04e4
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806
c35218d0f7ac97666bd7a3afbf06afbd22752e1eeaffc57f2a156ac137127fb2
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c555c1a2a15432e6dfb797e42629b493af80c7b86d0e256d9a481a939f545a82
c674daaf26f5e4c92541781a019894952690eb251725a30df75131e9c5d8741f
c68ec695fc9e96c4efd72706d7bdc0df7d0512496bbdd674c3a4eb032a680029
c70505c7d91d75bc067ca3b68bd8cc77a23e1cbd38533c72d531a1ed8f9a93d4
c7cdc9a26303e7b0585259640b9c06a824fdec46746a4802b4cc4dde22c3f3dd
c87a841b9a5f1c5b612c2e74b8340e09935799fe3b7806791a670374b4cfab5d
c90bd973efce28582a3be2ee899dd759de13a81e4a19457949397b3d7c476153
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
cec40527e8188d034fd90b569dd841f089f032bae84aa3f4e0475c25d203b8aa
ced01b1b71d1bc7737c9b76639670e9fd5adfcdbcb438cbe94bf528ecaad8f65
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cf845dc66e9cb5950c3a0b2285a1d60cd9894d49ef4dda64fcfa00e1f15f09c7
cfc8b6996355ced08153df6674a6676d329695619e29f8e276d07188e19e5ca1
cfd1897da4eb799d84174b51b83717be0cf01a57fe49e70d04f569ca709fe026
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16cc62673aa21ca2967342c798753025f450ac1bb242a09a5d9f6a62168665d
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d5d053d816e6247c7b42db56e895a6515c46929babb9d575671cf40f245326eb
d686d2f49f1fba79a674b60c9d0a407df8422f81257bf4003e728be85fbec9e2
d86cdb66005e137bf5ce1ab5021948978ba07e3e5521e07b4b1fe43815355b0e
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
daf995b8385fdee4b0843b4873ca0f0bcf42e346c5ccf4099ed7633adfc30600
db0c72d1ae4ba0892d7a159f08c2de41e5c8b8f9a476666668b3afdd9907b8d4
db59fb135cbcc4d8e7b6a104f6141e972d80ac263d5804797572ad9d5d39d168
dfe5138294c2908e3030fbd62513a864fa6fcdad073c9dc0afc16659a2a7fb4d
e1294a9e4bb03a8c5f50defb9b9ec17cca7edce8b616ca12ac2fec128ec9d6b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41533d5c6eab361631aa3cf8bf7b8a2e6babfcc42a1aa950b2b0cd80c109b8f
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e46a3b74f97cf7e8ee02e26b53097e99896c6305082c843eef68f993377db947
e80ae8049baa987b0716119b1ee1d6aa0e3b1703e7ba9c608b5da76042194217
e854c7455b2f994fef0fbeb20c2ce9b818188bc485ade17b2ef8009a1817a585
e913166ca1ae2d518ca5d5cfdda8a9a7f58c7cf7dfe3e794186c3bb47b2baccd
eba3346938e201171b22dc5038405297e54e0d3247efc5fda6fffa878a1fbc87
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eeadf01b666963ef4bcbe6eb4dd3dc2e56505c4655a1ec65f74843a2be846ece
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1bb88711ca11da50efa45df1d7fe4055c4717dcf8baf239567a65353cf474f7
f1ccd0e346a2a2aebc5025d7ce99fb1d410deb362c98c0357d3e1d21e26d3568
f28565927fdfc6b19aa587b954c6d1cd06428a51d583bc055cd4f5cf966ac2bb
f65c8cda6477556182933a180cbd7ddbdb8bac80bb227b99984e2e050670b55c
f72859eb21f2215922e5b7d39f67f663613c672c3d9747887b16ae3bb8e77e3c
f768a55b84bbe5c77fb374af98cdf5b75783b3673250f0a8415ad96218700057
f910a7060bf3794dee4c3ccc43e288c6826e4fa64ca79cab536e1e17beb317b4

www.dtto.com Open in urlscan Pro 2606:4700:4400::6812:252c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

265 Requests

85 %HTTPS

50 %IPv6

36 Domains

55 Subdomains

44 IPs

6 Countries

3472 kBTransfer

9998 kBSize

40 Cookies

2 Outgoing links

Page URL History

Redirected requests

265 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dtto.com Open in urlscan Pro
2606:4700:4400::6812:252c Public Scan

Screenshot
Live screenshot

Full Image

265
Requests

85 %
HTTPS

50 %
IPv6

36
Domains

55
Subdomains

44
IPs

6
Countries

3472 kB
Transfer

9998 kB
Size

40
Cookies

265 HTTP transactions
18 data transactions