urlscan.io logo urlscan.io
SecurityTrails logo

www.lebanonfiles.com Open in urlscan Pro
2606:4700:20::681a:b47  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lebanonfiles.com/
Effective URL: http://www.lebanonfiles.com/
Submission: On February 07 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 13 countries across 85 domains to perform 803 HTTP transactions. The main IP is 2606:4700:20::681a:b47, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.lebanonfiles.com. The Cisco Umbrella rank of the primary domain is 563892.
This is the only time www.lebanonfiles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
9 2606:4700:20:... 13335 (CLOUDFLAR...)
98 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 35.157.179.180 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
13 2a00:1450:400... 15169 (GOOGLE)
1 52.216.240.78 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 138.199.37.225 60068 (CDN77 ^_^)
1 2600:9000:213... 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
18 2a00:1450:400... 15169 (GOOGLE)
1 34.96.69.62 396982 (GOOGLE-CL...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 3.19.54.139 16509 (AMAZON-02)
29 2a00:1450:400... 15169 (GOOGLE)
1 46.105.201.240 16276 (OVH)
9 2a00:1450:400... 15169 (GOOGLE)
18 151.139.128.10 20446 (STACKPATH...)
2 2.18.79.139 20940 (AKAMAI-ASN1)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 34.160.128.112 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 149.56.240.31 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
10 11 52.58.133.213 16509 (AMAZON-02)
6 6 185.29.134.248 30419 (MEDIAMATH...)
2 52.59.113.250 16509 (AMAZON-02)
5 5 18.156.0.31 16509 (AMAZON-02)
1 18.196.91.239 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
22 146.20.132.107 27357 (RACKSPACE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
42 2a00:1450:400... 15169 (GOOGLE)
9 9 35.214.223.115 15169 (GOOGLE)
45 146.20.132.150 27357 (RACKSPACE)
9 9 46.228.164.11 56396 (AMOBEE)
9 9 54.90.58.187 14618 (AMAZON-AES)
2 2606:4700:303... 13335 (CLOUDFLAR...)
6 44.205.108.144 14618 (AMAZON-AES)
45 146.20.132.133 27357 (RACKSPACE)
4 35.244.145.108 15169 (GOOGLE)
4 35.244.159.8 15169 (GOOGLE)
1 18.158.141.17 16509 (AMAZON-02)
15 37.157.3.28 198622 (ADFORM)
4 185.89.210.153 29990 (ASN-APPNEX)
7 52.57.159.169 16509 (AMAZON-02)
7 2600:1f18:612... 14618 (AMAZON-AES)
12 2a00:1450:400... 15169 (GOOGLE)
11 190.2.151.10 49981 (WORLDSTREAM)
12 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2600:1901:0:7... 15169 (GOOGLE)
122 2606:4700:20:... 13335 (CLOUDFLAR...)
7 185.132.133.134 49981 (WORLDSTREAM)
5 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 15.197.193.217 16509 (AMAZON-02)
3 3 85.114.159.93 24961 (MYLOC-AS ...)
4 72 142.250.185.130 15169 (GOOGLE)
5 5 35.190.0.66 15169 (GOOGLE)
4 4 209.191.163.209 14744 (INTERNAP-...)
8 8 13.248.245.213 16509 (AMAZON-02)
3 3 34.91.62.186 396982 (GOOGLE-CL...)
1 35.186.253.211 15169 (GOOGLE)
1 185.86.139.103 201081 (SMARTADSE...)
2 2 185.89.211.12 29990 (ASN-APPNEX)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 5 37.157.2.234 198622 (ADFORM)
4 4 69.173.144.139 26667 (RUBICONPR...)
3 3 2600:9000:223... 16509 (AMAZON-02)
9 9 213.19.147.44 3356 (LEVEL3)
3 8 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 151.101.194.49 54113 (FASTLY)
2 2 213.155.156.184 1299 (TWELVE99 ...)
4 4 3.122.47.214 16509 (AMAZON-02)
3 6 104.96.128.226 16625 (AKAMAI-AS)
2 2 35.186.193.173 15169 (GOOGLE)
3 3 198.47.127.19 62713 (AS-PUBMATIC)
2 2 18.158.219.34 16509 (AMAZON-02)
2 2 35.210.53.219 19527 (GOOGLE-2)
3 3 172.64.154.237 13335 (CLOUDFLAR...)
2 2 3.69.180.66 16509 (AMAZON-02)
1 1 51.89.9.252 16276 (OVH)
4 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
1 34.98.67.61 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
3 185.180.223.225 49981 (WORLDSTREAM)
1 104.17.120.107 13335 (CLOUDFLAR...)
1 151.101.193.108 54113 (FASTLY)
9 2607:f8b0:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
12 12 172.217.19.102 15169 (GOOGLE)
10 15 95.100.75.47 16625 (AKAMAI-AS)
3 87.118.116.9 31103 (KEYWEB-AS)
7 2606:4700::68... 13335 (CLOUDFLAR...)
8 8 84.200.5.215 44066 (DE-FIRSTC...)
4 88.99.63.132 24940 (HETZNER-AS)
9 18.168.165.36 16509 (AMAZON-02)
4 13.224.189.29 16509 (AMAZON-02)
3 18.66.15.16 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 34.98.64.218 396982 (GOOGLE-CL...)
1 167.71.9.19 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
12 13.41.113.17 16509 (AMAZON-02)
803 88
1    2606:4700:20::ac43:441e (United States)

ASN13335 (CLOUDFLARENET, US)
lebanonfiles.com
9    2606:4700:20::681a:b47 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lebanonfiles.com
98    2606:4700:20::681a:a47 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lebanonfiles.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    35.157.179.180 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
tpx.tesseradigital.com
3    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
13    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    52.216.240.78 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    138.199.37.225 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-37-225.bunnyinfra.net
cdn.insurads.com
1    2600:9000:2138:e400:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
1    2600:9000:206f:dc00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
18    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    34.96.69.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.69.96.34.bc.googleusercontent.com
cdn.bidder.dev
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
htagpa.tech
1    3.19.54.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-19-54-139.us-east-2.compute.amazonaws.com
ads.vidoomy.com
29    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
9    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
18    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
ad.lkqd.net
2    2.18.79.139 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-139.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    2606:4700:3030::6815:1b4 (United States)

ASN13335 (CLOUDFLARENET, US)
aghtag.tech
2    34.160.128.112 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 112.128.160.34.bc.googleusercontent.com
api.floors.dev
3    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    149.56.240.31 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534110.ip-149-56-240.net
s4.histats.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
11    52.58.133.213 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-133-213.eu-central-1.compute.amazonaws.com
x.bidswitch.net
6    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    52.59.113.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-113-250.eu-central-1.compute.amazonaws.com
a.vidoomy.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    18.196.91.239 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-91-239.eu-central-1.compute.amazonaws.com
fd.tesseradigital.com
3    2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2600:9000:206f:9400:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
22    146.20.132.107 (United States)

ASN27357 (RACKSPACE, US)
v.lkqd.net
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700:3037::ac43:c1e6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.exitbee.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
42    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    35.214.223.115 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 115.223.214.35.bc.googleusercontent.com
csync.loopme.me
45    146.20.132.150 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
9    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
9    54.90.58.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-58-187.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    2606:4700:3034::6815:4466 (United States)

ASN13335 (CLOUDFLARENET, US)
s.exitbee.com
6    44.205.108.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-108-144.compute-1.amazonaws.com
services.insurads.com
45    146.20.132.133 (United States)

ASN27357 (RACKSPACE, US)
t.lkqd.net
4    35.244.145.108 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 108.145.244.35.bc.googleusercontent.com
analytics.leya.tech
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adsparc-d.openx.net
vidoomy-d.openx.net
u.openx.net
1    18.158.141.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-141-17.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
15    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
4    185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
7    52.57.159.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-159-169.eu-central-1.compute.amazonaws.com
optimized-by.rubiconproject.com
7    2600:1f18:612b:4200:1473:79ff:9ba3:468f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
4cywq-eqnre.ads.tremorhub.com
12    2a00:1450:400d:80c::2001 (Ireland)

ASN15169 (GOOGLE, US)
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
11    190.2.151.10 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-151-10.hosted-by-worldstream.net
ad.vidverto.io
12    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
122    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
7    185.132.133.134 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-132-133-134.hosted-by-worldstream.net
ad.vidverto.io
5    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
72    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
5    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
4    209.191.163.209 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
8    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
3    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
5    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    2600:9000:223f:1000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
9    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
8    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    213.155.156.184 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com
d5p.de17a.com
4    3.122.47.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-47-214.eu-central-1.compute.amazonaws.com
pm.w55c.net
6    104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com
sync.teads.tv
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    18.158.219.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-219-34.eu-central-1.compute.amazonaws.com
match.360yield.com
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
3    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    3.69.180.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-180-66.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
1    34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a05:d018:d29:3602:d8ac:1edd:aee1:32b6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    185.180.223.225 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-225.hosted-by-worldstream.net
cdn.vidverto.io
1    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
9    2607:f8b0:4000:81c::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
8    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
12    172.217.19.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s27-in-f6.1e100.net
ad.doubleclick.net
15    95.100.75.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-75-47.deploy.static.akamaitechnologies.com
www.awin1.com
3    87.118.116.9 (Germany)

ASN31103 (KEYWEB-AS, DE)
PTR: km36617.keymachine.de
banner.congstar.de
7    2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
8    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
4    88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de
partner.o2online.de
9    18.168.165.36 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-165-36.eu-west-2.compute.amazonaws.com
track.webgains.com
4    13.224.189.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-29.fra2.r.cloudfront.net
analytics.webgains.io
3    18.66.15.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-16.vie50.r.cloudfront.net
cdn.track.production.webgains.team
1    2a00:1450:4001:13::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr1---sn-4g5lzned.googlevideo.com
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
vidoomy-d.openx.net
1    167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
bgstats.mox.tv
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
12    13.41.113.17 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-113-17.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
130 lkqd.net
ad.lkqd.net — Cisco Umbrella Rank: 22292
v.lkqd.net — Cisco Umbrella Rank: 16432
cs.lkqd.net — Cisco Umbrella Rank: 2885
t.lkqd.net — Cisco Umbrella Rank: 18345
571 KB
122 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 27638
ad4m.at — Cisco Umbrella Rank: 9391
assets.ad4m.at — Cisco Umbrella Rank: 39464
7 MB
119 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
pubads.g.doubleclick.net — Cisco Umbrella Rank: 429
ad.doubleclick.net — Cisco Umbrella Rank: 184
392 KB
108 lebanonfiles.com
lebanonfiles.com — Cisco Umbrella Rank: 549771
www.lebanonfiles.com — Cisco Umbrella Rank: 563892
3 MB
83 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
491 KB
21 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 59787
cdn.vidverto.io — Cisco Umbrella Rank: 88123
255 KB
20 adform.net
adx.adform.net — Cisco Umbrella Rank: 4264
c1.adform.net — Cisco Umbrella Rank: 568
12 KB
16 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 19463
api.webgains.io — Cisco Umbrella Rank: 57676
125 KB
16 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
283 KB
16 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 70
2 KB
15 awin1.com
www.awin1.com — Cisco Umbrella Rank: 15368
10 KB
14 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 84938
static-de.ad4mat.net — Cisco Umbrella Rank: 113105
18 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
577 KB
11 rubiconproject.com
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 4701
pixel.rubiconproject.com — Cisco Umbrella Rank: 308
5 KB
11 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
3 KB
10 openx.net
adsparc-d.openx.net — Cisco Umbrella Rank: 80966
vidoomy-d.openx.net — Cisco Umbrella Rank: 40126
rtb.openx.net — Cisco Umbrella Rank: 1634
u.openx.net — Cisco Umbrella Rank: 640
1 KB
9 webgains.com
track.webgains.com — Cisco Umbrella Rank: 47375
157 KB
9 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 651
3 KB
9 turn.com
ad.turn.com — Cisco Umbrella Rank: 748
4 KB
9 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 835
2 KB
9 insurads.com
cdn.insurads.com — Cisco Umbrella Rank: 18772
services.insurads.com — Cisco Umbrella Rank: 15874
53 KB
8 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1733
4 KB
8 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 329
4 KB
7 conrad.de
www.conrad.de — Cisco Umbrella Rank: 57500
2 KB
7 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
imasdk.googleapis.com — Cisco Umbrella Rank: 432
695 KB
7 tremorhub.com
4cywq-eqnre.ads.tremorhub.com — Cisco Umbrella Rank: 54852
3 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
secure.adnxs.com — Cisco Umbrella Rank: 409
acdn.adnxs.com — Cisco Umbrella Rank: 534
23 KB
6 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1232
1 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 507
5 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414
2 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
4 KB
5 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 12230
2 KB
4 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 76484
6 KB
4 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 66678
2 KB
4 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 67818
1 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
3 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 592
3 KB
4 leya.tech
analytics.leya.tech — Cisco Umbrella Rank: 332048
560 B
3 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 58936
20 KB
3 congstar.de
banner.congstar.de — Cisco Umbrella Rank: 82288
2 KB
3 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416
2 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 733
1 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
2 KB
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 685
1 KB
3 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2918
310 B
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 767
2 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1401
2 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 632
1 KB
3 exitbee.com
cdn.exitbee.com — Cisco Umbrella Rank: 26069
s.exitbee.com — Cisco Umbrella Rank: 28896
22 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 8741
818 B
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 359
113 KB
3 vidoomy.com
ads.vidoomy.com — Cisco Umbrella Rank: 24320
a.vidoomy.com — Cisco Umbrella Rank: 10343
6 KB
3 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 54292
get.optad360.io — Cisco Umbrella Rank: 38018
551 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3309
onesignal.com — Cisco Umbrella Rank: 1296
73 KB
3 tesseradigital.com
tpx.tesseradigital.com — Cisco Umbrella Rank: 153974
fd.tesseradigital.com — Cisco Umbrella Rank: 155434
27 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2177
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4461
747 B
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2166
795 B
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 31320
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4143
655 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
region1.google-analytics.com — Cisco Umbrella Rank: 2456
573 B
2 floors.dev
api.floors.dev — Cisco Umbrella Rank: 8256
2 KB
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 629
1 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 20828
s4.histats.com — Cisco Umbrella Rank: 16846
5 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
88 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 76
1 mox.tv
bgstats.mox.tv — Cisco Umbrella Rank: 61947
66 B
1 googlevideo.com
rr1---sn-4g5lzned.googlevideo.com — Cisco Umbrella Rank: 74241
1 MB
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 4992
1 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 283
17 KB
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1006
356 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 725
338 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 556
545 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 782
45 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
265 B
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 5622
162 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 858
605 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
76 KB
1 aghtag.tech
aghtag.tech — Cisco Umbrella Rank: 38868
89 KB
1 htagpa.tech
htagpa.tech — Cisco Umbrella Rank: 297562
3 KB
1 bidder.dev
cdn.bidder.dev — Cisco Umbrella Rank: 145985
48 KB
1 amazonaws.com
s3.amazonaws.com
140 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 958
6 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
0 effectivemeasure.net Failed
t.effectivemeasure.net Failed
803 85
Domain Requested by
107 www.lebanonfiles.com www.lebanonfiles.com
static.cloudflareinsights.com
72 cm.g.doubleclick.net 4 redirects bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
50 assets.ad4m.at as.ad4m.at
45 t.lkqd.net ad.lkqd.net
45 cs.lkqd.net ad.lkqd.net
42 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
www.lebanonfiles.com
imasdk.googleapis.com
36 ad4m.at as.ad4m.at
ad4m.at
36 as.ad4m.at bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
www.lebanonfiles.com
as.ad4m.at
ad4m.at
29 pagead2.googlesyndication.com www.lebanonfiles.com
pagead2.googlesyndication.com
cdn.exitbee.com
tpc.googlesyndication.com
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
www.googletagservices.com
22 v.lkqd.net ad.lkqd.net
18 ad.vidverto.io www.lebanonfiles.com
ad.vidverto.io
imasdk.googleapis.com
18 ad.lkqd.net www.lebanonfiles.com
ad.lkqd.net
18 securepubads.g.doubleclick.net www.lebanonfiles.com
securepubads.g.doubleclick.net
www.googletagservices.com
15 www.awin1.com 10 redirects as.ad4m.at
15 adx.adform.net cdn.jsdelivr.net
ad.lkqd.net
13 www.google.com www.lebanonfiles.com
tpc.googlesyndication.com
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
12 api.webgains.io analytics.webgains.io
12 ad.doubleclick.net 12 redirects
12 www.googletagservices.com securepubads.g.doubleclick.net
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
www.lebanonfiles.com
12 bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com securepubads.g.doubleclick.net
11 x.bidswitch.net 10 redirects
9 track.webgains.com as.ad4m.at
track.webgains.com
9 csi.gstatic.com imasdk.googleapis.com
9 prod-rtb.ad4mat.net www.lebanonfiles.com
9 sync.srv.stackadapt.com 9 redirects
9 ad.turn.com 9 redirects
9 csync.loopme.me 9 redirects
8 pubads.g.doubleclick.net imasdk.googleapis.com
8 eb2.3lift.com 8 redirects
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
7 www.conrad.de as.ad4m.at
7 vidoomy-d.openx.net ad.lkqd.net
7 4cywq-eqnre.ads.tremorhub.com ad.lkqd.net
7 optimized-by.rubiconproject.com ad.lkqd.net
6 sync.teads.tv 3 redirects bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
6 sync.1rx.io 6 redirects
6 services.insurads.com cdn.insurads.com
6 sync.mathtag.com 6 redirects
5 static-de.ad4mat.net as.ad4m.at
5 a.tribalfusion.com 3 redirects bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
5 c1.adform.net 5 redirects
5 ads.travelaudience.com 5 redirects
5 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
5 ups.analytics.yahoo.com 5 redirects
4 analytics.webgains.io track.webgains.com
4 partner.o2online.de as.ad4m.at
4 www.lead-alliance.net 4 redirects
4 www.telefonica-partner.de 4 redirects
4 fonts.gstatic.com fonts.googleapis.com
ad.vidverto.io
4 pm.w55c.net 4 redirects
4 pixel.rubiconproject.com 4 redirects
4 ap.lijit.com 4 redirects
4 ib.adnxs.com cdn.jsdelivr.net
acdn.adnxs.com
4 analytics.leya.tech cdn.bidder.dev
3 cdn.track.production.webgains.team as.ad4m.at
track.webgains.com
3 banner.congstar.de as.ad4m.at
3 cdn.vidverto.io
3 ssum-sec.casalemedia.com 3 redirects
3 image6.pubmatic.com 3 redirects
3 s.tribalfusion.com bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
3 sync.targeting.unrulymedia.com 3 redirects
3 s.ad.smaato.net 3 redirects
3 dclk-match.dotomi.com bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
3 um.simpli.fi 3 redirects
3 dsp.adfarm1.adition.com 3 redirects
3 cms.quantserve.com 1 redirects bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
3 www.gstatic.com www.google.com
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
3 cdn.jsdelivr.net cdn.bidder.dev
cdn.jsdelivr.net
get.optad360.io
3 cdn.insurads.com www.lebanonfiles.com
services.insurads.com
2 a.sportradarserving.com 2 redirects
2 pool.admedo.com 2 redirects
2 match.360yield.com 2 redirects
2 gcm.ctnsnet.com 2 redirects
2 d5p.de17a.com 2 redirects
2 secure.adnxs.com 2 redirects
2 fonts.googleapis.com bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
2 s.exitbee.com cdn.exitbee.com
2 a.vidoomy.com
2 api.floors.dev cdn.bidder.dev
2 ads.stickyadstv.com ad.lkqd.net
2 get.optad360.io www.lebanonfiles.com
get.optad360.io
2 connect.facebook.net www.lebanonfiles.com
connect.facebook.net
2 cdn.onesignal.com www.lebanonfiles.com
cdn.onesignal.com
2 tpx.tesseradigital.com www.lebanonfiles.com
1 www.youtube.com
1 bgstats.mox.tv
1 rr1---sn-4g5lzned.googlevideo.com
1 u.openx.net cdn.jsdelivr.net
1 acdn.adnxs.com cdn.jsdelivr.net
1 biddr.brealtime.com cdn.jsdelivr.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 odr.mookie1.com bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
1 onetag-sys.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 ssbsync.smartadserver.com bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
1 rtb.openx.net bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
1 match.adsrvr.org bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
1 hb.emxdgt.com cdn.jsdelivr.net
1 adsparc-d.openx.net cdn.jsdelivr.net
1 region1.google-analytics.com www.googletagmanager.com
1 onesignal.com cdn.onesignal.com
1 cdn.exitbee.com aghtag.tech
1 stats.g.doubleclick.net www.lebanonfiles.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fd.tesseradigital.com tpx.tesseradigital.com
1 www.google-analytics.com www.lebanonfiles.com
1 s4.histats.com s10.histats.com
1 www.googletagmanager.com www.lebanonfiles.com
1 aghtag.tech htagpa.tech
1 s10.histats.com www.lebanonfiles.com
1 ads.vidoomy.com www.lebanonfiles.com
1 htagpa.tech www.lebanonfiles.com
1 cdn.bidder.dev www.lebanonfiles.com
1 cmp.optad360.io www.lebanonfiles.com
1 s3.amazonaws.com www.lebanonfiles.com
1 static.cloudflareinsights.com www.lebanonfiles.com
1 lebanonfiles.com 1 redirects
0 googlecm.hit.gemius.pl Failed bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
0 t.effectivemeasure.net Failed www.lebanonfiles.com
803 122
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-27 -
2024-01-27		 a year crt.sh
tpx.tesseradigital.com
R3		 2023-02-05 -
2023-05-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-11-16 -
2023-02-14		 3 months crt.sh
*.insurads.com
Go Daddy Secure Certificate Authority - G2		 2022-04-29 -
2023-05-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
cdn.bidder.dev
GTS CA 1D4		 2022-12-10 -
2023-03-10		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
ad.lkqd.net
R3		 2023-01-28 -
2023-04-28		 3 months crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-06-16		 a year crt.sh
api.floors.dev
GTS CA 1D4		 2023-01-27 -
2023-04-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
histats.com
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
fd.tesseradigital.com
R3		 2022-12-13 -
2023-03-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.optad360.io
Amazon		 2022-10-17 -
2023-11-15		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.exitbee.com
E1		 2022-12-22 -
2023-03-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.lkqd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-27 -
2023-07-18		 a year crt.sh
analytics.leya.tech
GTS CA 1D4		 2022-12-17 -
2023-03-17		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
ad.vidverto.io
R3		 2022-11-28 -
2023-02-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-12-13 -
2023-03-13		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
cdn.vidverto.io
R3		 2022-11-26 -
2023-02-24		 3 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2023-01-23 -
2024-02-24		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-09-29 -
2023-10-28		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-11		 2 months crt.sh
bgstats.mox.tv
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh

This page contains 98 frames:

Primary Page: http://www.lebanonfiles.com/
Frame ID: 3A371F51C7374A71F6AAEC267067C560
Requests: 237 HTTP requests in this frame

Frame: http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675756800
Frame ID: FD2D0AEBDC615E67D5AA18AD5AC15D40
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/zrt_lookup.html
Frame ID: 05F584F8D6A0FA39F8E095A81640FFD2
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 8CFF388A488B9CD07771425A4847CA37
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/formats.js
Frame ID: 0E5231EF67928EDFD7787C78531663CE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8745593945608202&output=html&adk=1812271804&adf=3025194257&lmt=1675761753&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&ea=0&pra=5&wgl=1&dt=1675761752923&bpp=4&bdt=803&idt=289&shv=r20230202&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4395065835724&frm=20&pv=2&ga_vid=523928778.1675761753&ga_sid=1675761753&ga_hid=1541745987&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C44774606%2C44779794%2C31071268&oid=2&pvsid=1794503022683742&tmod=227946247&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=348
Frame ID: 0597E60B1CEDAAE1FD9F99D321D88D3F
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A6E827BFAD77101AE430C36558725030
Requests: 6 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: DC0303F1FBB48628DFF60C625B8556F3
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 59EEF0E05BD5D76B9AA349ADBC4453FD
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: B2B07D72AF19A71DDA9AA4AD7FB02873
Requests: 2 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 253240B4184D689FF25901C6F0060FDB
Requests: 1 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 426763E3B7CB92C58B3A248268937762
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 37F2D2A9F5BF77FBD2BAD6875AA81587
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 74798C5D56C1B141B09FA9CA027E2DD8
Requests: 2 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: FA8FAFE660B7AE793C3715EF2E51B267
Requests: 3 HTTP requests in this frame

Frame: https://services.insurads.com/ad?auid=929906&csz=%5B%5D&sz=%5B%5D&appId=2490&s=2910&dm=1&is=0&ct=%7B%7D&h=http%3A%2F%2Fwww.lebanonfiles.com%2F&sid=01453D0F6A0C04E2&v=1.9.6&rv=1&ts=1675761754167
Frame ID: C9658D50896F27EAA52EE58D6FA9B90B
Requests: 1 HTTP requests in this frame

Frame: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6081D1DCB1E596BFE9AB5D8D22EFF0B5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvjLBjqC8NZoJl6kBNgs6XVJIvv-rh_pcKSJMZSVCnKE52upySzqTEnR6KNkNafC7NIvDKYvRYf_8i2DI8Utj6a7jHmMDC0aDu8aS0vJPhHA0VguOW72odW4o-WYwhUzgnSKa3CChaMh2a67BB-6veHKWsDOQRwLaMbsDBtV2PelFCefvInlht4lpyDZpRogapy4BXGkgYUm0FVaO5558ApyCtiBLP2YZMZTohPn6Ml8HtdR0o7bAu_PEytYT0dyBSIvaZ1vS1rBgExu50LdZboTcq8LazaJjo6vcyUL1ikkKFyWrWUvXxSEw3eullE3g5h6UH8KCqLyh6gGC4I1B3pr_a8Q&sai=AMfl-YTzjNZNm00klAqlHYqcBLMSbzp9SxKd6MXUZDtFfN2H9IAzwrjLXGWWEANfBm_NaVFCnXAzmD7OVP4dFsOlC54jFdggRtV4KfCj0RY68Z8XQk202rJUxjSYZ6C4aQ&sig=Cg0ArKJSzEo1qPTRTETwEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3D564DC7B842F457DD0AE2BE043AEE61
Requests: 5 HTTP requests in this frame

Frame: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DDF07664A6223ACC25C149F0ACE3E5A6
Requests: 16 HTTP requests in this frame

Frame: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D80C1AB1507EB0221B2104A50A76CF7D
Requests: 9 HTTP requests in this frame

Frame: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B790360CEB870F1CFAD178BDB3BE24B8
Requests: 8 HTTP requests in this frame

Frame: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 74026410FEEA38661406EFF2834B55F7
Requests: 9 HTTP requests in this frame

Frame: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 46FE99471ECC358CAB10BE99BA0A03DF
Requests: 9 HTTP requests in this frame

Frame: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 36D69AE04FD65EBE604CA7CE4219FA4D
Requests: 1 HTTP requests in this frame

Frame: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 48CA4604BF5F1E3F0F0A21CF99477613
Requests: 8 HTTP requests in this frame

Frame: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 860F55202950AC4E818ED03E7A2B0897
Requests: 16 HTTP requests in this frame

Frame: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F8A7E575583ABF6229DAD6F879F85FFC
Requests: 1 HTTP requests in this frame

Frame: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7930754885E68ED37761A0CD73E211F0
Requests: 8 HTTP requests in this frame

Frame: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E2C48F1189B8FC0B64848DCD75988511
Requests: 1 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=2490&requests=[{%22eaup%22:%22/21894097782/LFiles_300x600_300x250%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:300,%22h%22:600,%22eId%22:%22main_lfiles_300x600_300x250_0%22},{%22eaup%22:%22/21894097782/LFiles_320x50_320x100(1)%22,%22w%22:300,%22h%22:250,%22eId%22:%22main_lfiles_320x50_320x100(1)_0%22},{%22eaup%22:%22/21894097782/LFiles_320x50_320x100(2)%22,%22w%22:300,%22h%22:250,%22eId%22:%22main_lfiles_320x50_320x100(2)_0%22},{%22eaup%22:%22/21894097782/LFiles_728x90_970x90_970x250(2)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:728,%22h%22:90,%22eId%22:%22main_lfiles_728x90_970x90_970x250(2)_0%22},{%22eaup%22:%22/21894097782/LFiles_300x250(2)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:300,%22h%22:250,%22eId%22:%22main_lfiles_300x250(2)_0%22},{%22eaup%22:%22/21894097782/LFiles_300x600(1)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:300,%22h%22:600,%22eId%22:%22main_lfiles_300x600(1)_0%22},{%22eaup%22:%22/21894097782/LFiles_728x90_970x90_970x250(3)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:728,%22h%22:90,%22eId%22:%22main_lfiles_728x90_970x90_970x250(3)_0%22},{%22eaup%22:%22/21894097782/LFiles_300x600(2)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:300,%22h%22:600,%22eId%22:%22main_lfiles_300x600(2)_0%22},{%22eaup%22:%22/21894097782/LFiles_320x50_320x100(3)%22,%22w%22:300,%22h%22:250,%22eId%22:%22main_lfiles_320x50_320x100(3)_0%22},{%22eaup%22:%22/21894097782/LFiles_728x90_970x90_970x250(4)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:970,%22h%22:250,%22eId%22:%22main_lfiles_728x90_970x90_970x250(4)_0%22},{%22eaup%22:%22/21894097782/LFiles_728x90(1)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:728,%22h%22:90,%22eId%22:%22main_lfiles_728x90(1)_0%22}]&h=http%3A%2F%2Fwww.lebanonfiles.com%2F
Frame ID: EAFDABD9E81CCD48117A68A330F2B8E7
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gy1rp4zh5rhk2nswa66b3mgz6eg7c185gq7mn8sz2p6zgd30cnw514mw5m5erbgef8ckehv1q33btssc0x3b18kyjb8fh3a38hwd43s30sx87xzb1dg63fz8xbfq01jqk69f6rs27z0t8d1x3hd9bbjh0qan29e0zk50dn50ysw7x9pdm059t1c1phzhm1dn9z4b2ap1v5tfbe09vrh1mkyyxmkwzjeg7kggx9bfqbmsm02te8vaprhbqwsvkevmzz90xbvtyy8kct9csakvzw5g7m7amtkqwa9n7jzvf3xgg5khsdk8e2wkxkk38zmdhv0zx0jegsxv895kamsezq79bdrwhpyeggzrf7rnx8yefyca0e4vjc8am3jx1ykv03hj05hk74qdagpt25cd7anes7s5rhq614s53arbrrfjsr7yjd4y3cb1z0hvpbz8vwntbv8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Frame ID: 13D6D5EEB439E50D2D74371CD5BE858C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 746A14EAE6E6F1732BF9073B4871BC6B
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gz1vs1272vt11sh27xv8v5zcf7jpff02a5ggqmkvt0sj2cqcqe0d9x73359txh88ygd2jgapcpwhp7nqqtcsxpew7tycar3ysd7mt5j6wxseetnv5qxcfh3wjnvasjdn0cx46kkkgk9shhy9mpdbwyjeyrmyhz2d73xr4bz62383tq5603g0dm1wg26y0v799r91r6nk483jv5eg89a3vhmcdev0423anhpznszjz0gc5v9stnca2vvrcah97ps1ak0sxtrkc8phqp7re26xjr207p7twtg9pz7jy36pf2cn8pc2qmtxe4ekj89xt884tf8zdpj4fbbgmbzy7x3n7dkb6710qkds87ytk1f23ppr3bjymx1hvmfm78aqjsqv06ks7f5c6fhav13tszwam68ctdc2t75c0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Frame ID: 43AA6598874E4AE5DD49B540CFE9502E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FB53EE99215DB788BF2A0994A5AAA3C1
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kpm7581ve6tht0mzzsjhrb8afzf2v73hrd1d26n6hr9wtf3j757brj0b6cakjf9fyjd03h058qx4khzh89921t5242xyp785vmytxyjk19gnn82v5zrprzt63n4nm7h1k3f5q5ajbkv90k1qe450eh0th8qm72r65a64vyx8zbhex0p414hfaa3k21eaxd8m6pdw50g6ddk2xtpp7j9x45e4m9zatz92mt34eadr8px19q5jnqsgqd81r9xetphmhtvq0g8k8c1bvyxmmtw00t9hrtt6rs4s4ba8mb78wpvdy1ha8y47n9j1ehej7f8mj0zqz9tqmzdcb9zpcsa988j5c2pb1g2krnxm0t0y7bxmz5ppxtd0qrfx9z7cyd11hf6693typkjf5a1ar1zsa32hgje4q061hf232xqqnmf8epgfw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Frame ID: 10C24D300E31EB178E20F0B794429C81
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E520E75447FD0664B385BCE826D2AE6C
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g5xv36gdqay1vvr7e1gh2rsy5rk1k6ae2hgd5by8930acta9ng34v61v9ysnphch4emn00x04zdqq117qkd9eszx7208sfd1ayt81zk10xg7h251bk9abk3dh250dvgq8ws29dzzjpq9q28bcabjz2jfqz0733702hspf52kz28p25s2a9v36n4qxx1erw30n1qzvd4vdgxwpmhe729zw0bnf03gwb3tmyargetz32nhfae469rv66ydma9d9hb41gf427e60bh60qnz2f1v92ea722sqdcejj1wv80eqkzj3c9e5varm5h3g1a6vw6sbmtbfq8nrnb2r6pyszxcfpxv97czp9y4vvs050wkqng8rehpx1jxkky6wvvwhszcn5m9hrjfwx0h9v7vz23hnwbkyfzpyqatrhdqsn5frhcd7gqfv1ahwjjb5r2rbthrf1nf9jy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%26client%3Dca-pub-8745593945608202%26adurl%3D
Frame ID: 57955D795B0F346A45A0BD77D709A6D3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BFB2940E6C2484475FD336EE1C239083
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CwY7BWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSWAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGqzqrGNf8ucdVznwq0Q1RRX5F3K3XqCib8kqXtothU-1dfRAt_H5h4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi04NzQ1NTkzOTQ1NjA4MjAyGIT_dA&sigh=aXj-4N9ehMY&uach_m=[UACH]&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE
Frame ID: 289EE91E27F7637EEC203F2381475522
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gtqdn7wfn7a1qfhh69zgkn0rr8jjfz7s22ee4tetznm5y7pnwqydg1c93g9d37z0n2vw3tjwg94m254178bpxrkfefjw1jhbb461v3nwp81gw5bhbeqc0n1acy4pt3byqpx4mxxmamb5sww7e2vk8k30ak9zr701tst8hw650wy54hr1whengn846mqrhcjsrjbk397q080pq6hepypdb51p5e3ezgts0364krmjgn8xqqa0t570mh05m3eddastapmf2x6kjevtwyvtp9jxjc623n5cc3n7mme9w9z92696hnfxqj170edjgmj1znk1bbfb10eanrnn7ae3v41jg4kjavwy7h6za8s51cjdt6psykje9nnsnah6eey32s5jfb6r0bccjxe4cmzqxjr0rmycsdsmy6h9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%26client%3Dca-pub-8745593945608202%26adurl%3D
Frame ID: 8A0EF275040A71E2AC8B7E1BED2C5148
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 35D89EC8AB105AC407307889054585E9
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g5x3trv83pwpjafcy4e9nx9f55cj2byagvcb3ekh9j1fqgj2208qw2br42r275wpy0gr3hzw44czzd4kjp0d4eqqjyqbx3vrefzc1pw3pek6zdwfc8a8szk63873vmcygmfbg2rcxcp7ww7yeyzc6p3q77t83m138atd437d83wergr0gp7kg72th1jz5k5hd2dbgbf3g1vjh69bze27nzsaqnhdgbtt7e2p7qx4g10a6ns4hnxnkkwq5dq29rwkz30tnwxvj72bah9q3p6qn4dvham6bya3xp8nyxjy7pbpt1fdm92bzvtng8ncaf5tazxspr9p92vtwvfx43d4zeynn1b9r3w5g1mk60tbwtt5sbh49fv310pw36ww6q86wnqyrf5s0b0e794bngzw22v37yy9m4txxzgnxv2sffm2xtja18t609n9ky4me9bybg4cyk7ew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%26client%3Dca-pub-8745593945608202%26adurl%3D
Frame ID: 46C3DD794EA4AD5D6CC6C3EF4AAC577F
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D477E92B9F05DB783DFBEE391F0957C5
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJwL4WhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSgAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf78Giw7k_zDers0mLYq5dZnhuOptX4aKGZPHX4e9vYGwWy862j6SgOAEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODc0NTU5Mzk0NTYwODIwMhiE_3Q&sigh=BsAIlJ2lWR8&uach_m=[UACH]&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE
Frame ID: 2C563D69297C0A507B5DBF733BA886EE
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gqdt2050ypgad3dvs8nrrw5vfpvpbzvxzfdphv9yrttpkw3wpf67gfg0qyt5sp9v9fa968q81d0n3y47avdt1n8vrbbdxgqg5yr16gqjtrdp82fkgm990z4ny66jw25y46b9a39tjnpa05p8cm4tws03h59ts5gnrkjkbwyz0qyjsvdyx0agk7j743pw17ckfmqcaanxh81bcxctz80nbv9x70syb6rw8gcdrv842x5ww8sp7a2vf80t1ve81bmxan5j4cjf64c5g3713yfq87djkya812jeccrfwqqxbm4tsd8fw92rhjkh353c4sj3m0y6gb8rv4eyz727gecpajzcptb1qeb363w5fj6bf129hpn7jpr5cchvp6bbcpner21m5rjqhd4d8g33d4pg8qrrecrasq6zpd016fwyem9wq0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo7ZJWhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf79EiS92KMlZ7gWhZRxjPAsTgf5n8oykAU5Hnc4vRRWudzfvBqHSSN9ZY-AEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0eydoCOmNS9PMvixd6cclmJyvkNQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Frame ID: E2A092F7F9E74F6884E7DAE28F87CAE1
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E7FD25A57BAC7D77CE81A68EEADE639A
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kmz842rnxwkjqpas3dm8t1s7f874z3b7mahw3mf63ba679w0edcwp036605hn3bh8j6k11zjkggv6787scp460t3wd57vsmrfdrc97a08ccjkd3mb3mw8bx51pcna2kb7np68qmzt22mzvbrxhgpjkfw0tpjbvn07wmawvtdhpxaxknep1jhwnpc8yt8t9qahbyk2q2z2ygcjvx3k3f9z42ey9jwzd9kkmd3c2bn9xvfc5jvv8kj44m46h8d0fw9n3qtsnv8gg86cq7jy822851hg6q8gt9s13hs27yhttp0pbv261z3ecpb1y297fc72xf35xpdercvd7hvbp93tt2wgw9n00mpb4vbv67bwta5hjdjbmgqpmb3wb0j3wt5469tfrmwsdnxg4fjxqv9fcq0h6acdeggjnet31jx1zq43ea3q6zhczz0dvxkj08479653n7s8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Frame ID: E20BC4AA46775D01F3FB648F518059BA
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DC514A06CF28E2A623477DEB5F6AD796
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBntTWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSbAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1TvPKHHrOzdFwuvjVAvRcMJ0BFf3iakD0JZ5tvWFMJRRWpxOD8g5XgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg3NDU1OTM5NDU2MDgyMDIYhP90&sigh=yJBJCZGr_iE&uach_m=[UACH]&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE
Frame ID: 6C471CF1F6233AC8D4972883DBE76176
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gmmahp0aen8stdzahve9jmdkmqaj98ks1f8p5hxjefnty55mdfgm9jsmmymhr307qkvwkd9zwr5g10awr9frgv7c8akptfj4acxd39pjs843yfndqz9s4gv097ahqnj3x7gws0m2s4f4czkpskrg1fgyr6f7pjsjre72zxze4rsgkcqescb8dnzxbsf44bw9efk2gv7pyj5419qx4e325nrx715pwqwb2gbh74tdtc85hs0bff3m0jd58j15vt4mf2p5rdd3agh2zpqwhtxxmetzx8zn9mdbktvkva3vzhngpd4pp8ecwpdj7yawy859z94wytamhn3t39xc5nafgvas1v4148nbsses5ggaxdwdk2yybemc74ajbmefwyktyx0jbd14rvyh6ak4bkxk8ty98jh5j1b7h6cpv10p189qsr6y88szehfsamwkz9xgk9t6expjr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Frame ID: 598978CA55220F6064A95289A378755B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 08D9F1336202B5B81E305EEA543DCC8C
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 7338F7A323C69BEC8AE0D9E9FF59EC0E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 885434475D6352C89F601BCF5BB46D13
Requests: 9 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: C096B1759E689D1FBE95081B6D1F9740
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 46211169914724908D7B4262F19BDE69
Requests: 9 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 5884AB953ECE772B1D925355953F9E90
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: DB80F7F39B37B1E2E05CDBB6C4EADA71
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8E8859416FB0996C7DC56A28EF27E0D9
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D03DE8F5B8CCD645297ABC85698AADA5
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 33C11600F010A5106B70611F7BEDC8B6
Requests: 1 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Frame ID: B21CD9E81CF9C14BDF26AAD0999337B1
Requests: 37 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 132DB6CCCC4BB2686AB9208976F48197
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 49DA609D993598C0D1BF2C51FBD974F7
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 255D4313A2ADEA515ED3148923FE435F
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C2E7179356F3540D58F4F7F18D0CDFC7
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: C125AB88FAC5BA3F7B0AD95ADC8FEA4D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: 7F3BA51BA7216EC072000D929288F988
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: BE4EECA6915AEEA66D2ECA2D08E89E9B
Requests: 1 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Frame ID: 9840920AE90E42A288871030159049C8
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 30095492944CE39C8AF0A2DFE8FD3249
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C6344B54AD48B9595EA8D77AA8D9E8C0
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 53726F64B2E49DF8AD555EC638BB083A
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=22925%2C14019%2C117569&b=kkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=dcd73013d91bba824bb63c7df57e2eb5%2F11564415562883759876&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757333&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdnqbzwrnkect4zvdnyw27mgc0apd0cg8xf3mq9qfgtm9hdc8v32k8s99xqebeyqq13swv0p469sfg8d3egc279hayndrcz4bzy74n7j4s8xsee5hr0zr8x15r2ap5xs6hpj5q0czemxffn5td8dqtfjbn86zr510gmfay9rrv87vqz0pjd9n5z95b8mcqtga7d9kf5k463zcxfbn5e8vdy2akxtnadmrhfxy67ptv42bnc406znc9c5nnqqvgwmcmnd4mjfrzct66khbnxfgf7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Frame ID: 201BDC0C68BB1B3EE2E32E84D6805FE4
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196439%2C197862%2C14019&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=160&d=600&e=&g=fd283886dca4824330395e70faa90899%2F16122513429563864489&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675761757363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Frame ID: 631B8C7C61080080562BDD24F2EE643A
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=2ab97b69596961a79fd0887044a7a68b%2F15856490710707791105&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757335&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwk015cy1bxr6yxbdc9cycwm3hkerfrpatzp3xd77m5nantr4kyy4020bkyh0httwtz3102wv6tcscvnndjvq9g53fa00v56qhxggm0bkj42kn9p5fqgzgdrv4mkbs7hv0mqt3g9pe5db191p9rgrjdmjyb495yrs3xa7r73tmaxs1cwfzft729d6q25ndknk9bczy8r9229pgr4x1kpkkc8w36dxewrg1avcg15zpf9r0f39kt3xx3dbzqfg6dh8svm6kgf7p84280tywhz7ym%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Frame ID: 2532AD09DAA9A58554E3BC5AC02805EF
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Frame ID: 8D92DDBBC6391021DF9ABF5F71323984
Requests: 16 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196438&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz&c=300&d=50&e=&g=faf51af2a100adf3764cd428b692c95c%2F13791815436736438511&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757338&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geztzq7b84k05f5b2tpcm536ktrd9rxqn4tts10adm3kktsmh274ddkgjh2hzkxshx4p2811ktwz7p2b9q11tnw2dnt4n9ve3f1wpnrng81sbqhxj2vy25xd9p47dn2f4gxpkwvxz1gjx6dcg4xyxjym09qzbg0h0w09xxb2prk2cqe6gj9rbdgnna8x2qqrf1rqnfj5gf1b29r1vdta1rt1t486s9dbd2ha67sec3p759qzsze1zqnvacq17j9p41fxwsxc5v6e06r4fx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo7ZJWhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf79EiS92KMlZ7gWhZRxjPAsTgf5n8oykAU5Hnc4vRRWudzfvBqHSSN9ZY-AEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0eydoCOmNS9PMvixd6cclmJyvkNQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Frame ID: 17291E45B1DF49AB373AE00DFB8EB3F2
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C14044&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=600&e=&g=cca614d7d96e6123a1b9c8d47ac06b38%2F15863518076120340699&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Frame ID: B9CFB7DE6FA35AE693530A79D0E28790
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=160&d=600&e=&g=2aaddd651aa00f888982e71fe970275c%2F12755215677127775712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757339&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Frame ID: 434890C2BB89B6F47157F6E53A2AA0CA
Requests: 16 HTTP requests in this frame

Frame: https://services.insurads.com/dfp/mapping/batch?appId=2490&requests=[{%22eaup%22:%22/21894097782/LFiles_1x1%22,%22eoid%22:2761469273,%22eolid%22:5507213652,%22advid%22:4830452331,%22w%22:1,%22h%22:1,%22eId%22:%22main_lfiles_1x1_0%22}]&h=http%3A%2F%2Fwww.lebanonfiles.com%2F
Frame ID: AD52DE5BE0E86B7801FF47DBD51064A3
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=9a934c8011023aaed3bcec722bc92fb2%2F4393075690616156216&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hb1c3yefm9956dv8av8yqna334dqtzg7j4dyxpszgpgwvncmrn4hc5xqecrn24kcgb8gvh6phyj8k1x6dg6merxmfxqnzkgwgm6w62xmy2cqfhj25hafhgd61yyz58w3jdj8m5vw6kjjvk85bd5tgegmkgtsjtmyn6ght9ss05pv52y9fahdz9kcj20yqyry9z5yem4rcmmmdq7qbwm6ar2zk9cdfqwm96d2pk7hae8zy8fxw770b7kcfb5db2pgzf3pre9h13j9p2f6qd64bdj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Frame ID: D681D888BE855D80F1390CB6D622DB93
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19458%2C14019%2C117569&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=970&d=90&e=&g=7a6057afdd8125553e67a2079e020180%2F10502505646532520483&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6t5n1whyt6y1ts9p9qwb7gt3pyn93gbc436rczw1jgc9t5dzamz71p21vazme2an7r397gndjjbzsq99z98jpcyw6da0mdemnsfzyrrjw66jrdrpm0scverjrcpk6fnewp5fs7w0v0m1kwhrpzkn6bsytxq8xvj26qzpms2v2wnddzcqkg6aahd7mdqkegfre2dq69mr2edbytasazvwrgb3rc41yhr37kqrv6njm395hv14jgxy17cz3tdaysc8r646ex0vk76h32drdvk838%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Frame ID: 23B7770A012F74A120052B08B9A8ECFC
Requests: 11 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 3199A18F7833F407779B261ED75D8A20
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 5F17583CCB349853CC6C243B790C8B1B
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 10353DC5BDDC5B324C2A62998D8222C0
Requests: 3 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 9C640DCEBEC00F0FA35B2C75C635CFBE
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 40FF691E24579BBF3A2F3CD8D7E3D71B
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: A5E08457010715D17A24ABE2E308D366
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 4884DF6E24003447700AC8BEC8CFF6DC
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: EAF86253A030198F3A095467B14215D0
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 3139E85BA6CB133F50E0CE2D9A32372D
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 07A36AF96F8AA4AE4E25034DB27D7F4E
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 386323061D9F22B5E8845A1EA20A6B9C
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 9FC4C00D0F0AD9B807E3B7854D96BD80
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 98EDFCD9C78F61B0AF8539813730FE85
Requests: 3 HTTP requests in this frame

Frame: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Frame ID: 51737EC99EE8BAF418E433D36E71A976
Requests: 2 HTTP requests in this frame

Frame: https://ad.lkqd.net/cookie-sync/usync.html
Frame ID: 189D7D6A191BC7B193333604C7CBF4FF
Requests: 6 HTTP requests in this frame

Frame: https://t.lkqd.net/t
Frame ID: 725A2AECBCA07AE572B61AB358A01CB5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

أخبار الساعة من لبنان والعالم بشكل مباشر | Lebanonfiles | ليبانون فايلز

Page URL History Show full URLs

  1. http://lebanonfiles.com/ HTTP 301
    http://www.lebanonfiles.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

803
Requests

79 %
HTTPS

41 %
IPv6

85
Domains

122
Subdomains

88
IPs

13
Countries

16047 kB
Transfer

28569 kB
Size

90
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lebanonfiles.com/ HTTP 301
    http://www.lebanonfiles.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 128
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=830776866.60218131503272412.8216957 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=830776866.60218131503272412.8216957 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3D7b98b217-8a90-4507-852e-bd18524b0892&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=817463e2-1859-4800-b13f-de4fed3864eb&expires=30&ssp=vidoomy&bsw_param=7b98b217-8a90-4507-852e-bd18524b0892&gdpr=&gdpr_consent= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=7b98b217-8a90-4507-852e-bd18524b0892
Request Chain 129
  • https://ups.analytics.yahoo.com/ups/58610/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58610/occ?verify=true HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-7gHR.J1E2uFyfP3dWEPQxSpPZwcGK7_Lo67zz2o-~A
Request Chain 142
  • https://www.lebanonfiles.com/wp-admin/admin-ajax.php?action=get_breaking_news&nonce=90f1e20079 HTTP 302
  • http://www.lebanonfiles.com/
Request Chain 163
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3ebea895-f7a8-4a58-950e-424bcab69405
Request Chain 166
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2852590471268345559
Request Chain 167
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=xHdopG0BSH1gnBIQptEGm1D_B2c
Request Chain 169
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=a45f3175-f6e8-4c2a-ad6b-aad902a6d754
Request Chain 172
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2924648065306273495
Request Chain 173
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=2MFQ0PXlQxlijwVvrt_4JlD_B2c
Request Chain 189
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=ef7497ff-6c56-44c9-8683-0b5125cf2247
Request Chain 192
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
Request Chain 193
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Request Chain 381
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDsRFYrIb8yQKwDlmwgExCo&google_cver=1&google_push=Aa02lx9xjlfJq3zYGsdWK7HZLriMrmK4BlywyjVTqNErga6-HdPx4aCxhL5-pOEg8tAtDUb788uVY42tkwyvOF8MmYF6acWEvcImgIs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NzM0MTkzNzkwOTQzMDQyMQ%3D%3D&google_push=Aa02lx9xjlfJq3zYGsdWK7HZLriMrmK4BlywyjVTqNErga6-HdPx4aCxhL5-pOEg8tAtDUb788uVY42tkwyvOF8MmYF6acWEvcImgIs
Request Chain 382
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBqOPjFxzUQfBeE6b7RRfzc&google_cver=1&google_push=Aa02lx9PkedvuSt77g6AOwGbmFSajHQEz0_KlYWwF4GnQY6uo9BcDGgr8m6_dIQOLbOKMJ4q1x01_ZiN8o5bGZI9lU-Tr1lCeD4ZHDU HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JfBmhATMQC-xFwEeTy8WsA2&google_push=Aa02lx9PkedvuSt77g6AOwGbmFSajHQEz0_KlYWwF4GnQY6uo9BcDGgr8m6_dIQOLbOKMJ4q1x01_ZiN8o5bGZI9lU-Tr1lCeD4ZHDU
Request Chain 383
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOkRf6h2zR1xi4jWJMaEh4E&google_cver=1&google_push=Aa02lx9ZiWixg5ZlPWcMWq-BpTbL2i2EQjhHHIHcdCb92RNavASv8im-8MZU8s3i2p90GcL2u_0XS1BgH6eEI1cq3y7pogGNYSCTyQ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOkRf6h2zR1xi4jWJMaEh4E&google_cver=1&google_push=Aa02lx9ZiWixg5ZlPWcMWq-BpTbL2i2EQjhHHIHcdCb92RNavASv8im-8MZU8s3i2p90GcL2u_0XS1BgH6eEI1cq3y7pogGNYSCTyQ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9ZiWixg5ZlPWcMWq-BpTbL2i2EQjhHHIHcdCb92RNavASv8im-8MZU8s3i2p90GcL2u_0XS1BgH6eEI1cq3y7pogGNYSCTyQ&google_hm=GHbSDGZHTiizMHpOREetfWxO
Request Chain 384
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDYsVKRSeMQI0xjGUNxVmyE&google_cver=1&google_push=Aa02lx9SpJI9C8xu7eCxHbCSFB8mSmrnKom0KraBBrKMIGUsVDW816vIARi0RpRNYJsFdpS-pmUrS0FPyEJlK0a9jOkJTR2HnjcXlJ8 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9SpJI9C8xu7eCxHbCSFB8mSmrnKom0KraBBrKMIGUsVDW816vIARi0RpRNYJsFdpS-pmUrS0FPyEJlK0a9jOkJTR2HnjcXlJ8&google_gid=CAESEDYsVKRSeMQI0xjGUNxVmyE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx9SpJI9C8xu7eCxHbCSFB8mSmrnKom0KraBBrKMIGUsVDW816vIARi0RpRNYJsFdpS-pmUrS0FPyEJlK0a9jOkJTR2HnjcXlJ8
Request Chain 385
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELUSMkC3dD7sMjBQORNKbCU&google_cver=1&google_push=Aa02lx9QH9YUXneQ_ZTnxfCoMgaU4qKpoqi_m0PGY8VKPxbaDhuw4tXJFZWF_TZYuTwSjpRQuLPqWvwlXUBQ6bE-a6ayrcktINHo-EIw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=7b98b217-8a90-4507-852e-bd18524b0892&%%GOOGLE_PUSH_PAIR%%
Request Chain 387
  • https://um.simpli.fi/gp_match?google_gid=CAESEHNhUSdgLsGI8yLs0V-GjWQ&google_cver=1&google_push=Aa02lx-kzwG8VZYNC9LEvY7wbCYBtjBRtXI-yrHu_w0zeU70TLXZczT-O2cr1t2bE8czI9pqj5s9RL17S_Kc7vPmpACTwOZ_71jpIFl_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=61BDF0114B9E460585098B08786C2192&google_push=Aa02lx-kzwG8VZYNC9LEvY7wbCYBtjBRtXI-yrHu_w0zeU70TLXZczT-O2cr1t2bE8czI9pqj5s9RL17S_Kc7vPmpACTwOZ_71jpIFl_
Request Chain 388
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBqOPjFxzUQfBeE6b7RRfzc&google_cver=1&google_push=Aa02lx8L8S84yCI3F7h5VpQ9Vb7VYZLQ9bk56og7UyZlmZe36TQ7jqXEgkdU4NJfwdbUl8qclijUa2vYC0p_5EoXnwdI483WKfgPIXk HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dc4QFE7BRe6W0Kf6v3URVQ2&google_push=Aa02lx8L8S84yCI3F7h5VpQ9Vb7VYZLQ9bk56og7UyZlmZe36TQ7jqXEgkdU4NJfwdbUl8qclijUa2vYC0p_5EoXnwdI483WKfgPIXk
Request Chain 390
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDYsVKRSeMQI0xjGUNxVmyE&google_cver=1&google_push=Aa02lx9WCf9GbtucvSPsT7yWbOln21aoZYMaUvJNCxuBO4aznTOHe3enPw3ROLAzmYVonUSqYR0nAYMS4gBRsEG7DPLULvNhV59hKsac HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9WCf9GbtucvSPsT7yWbOln21aoZYMaUvJNCxuBO4aznTOHe3enPw3ROLAzmYVonUSqYR0nAYMS4gBRsEG7DPLULvNhV59hKsac&google_gid=CAESEDYsVKRSeMQI0xjGUNxVmyE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx9WCf9GbtucvSPsT7yWbOln21aoZYMaUvJNCxuBO4aznTOHe3enPw3ROLAzmYVonUSqYR0nAYMS4gBRsEG7DPLULvNhV59hKsac
Request Chain 392
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGGPxI78yD7B74KQuil_ocw&google_cver=1&google_push=Aa02lx9D3HA-KL8d-CX8UEoSoqNGJknzuiSFiT-otJ6eDq0kACuogyIrwdhgRk0yFIjHiAGpbK7HZvpjHMlZektd1WUrOiGj2ziHU3Aa6g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SbGpaWWx4RTJ1RU5CbkZhUTMwT21iY2h4b2lnNDJjMX5B&google_push=Aa02lx9D3HA-KL8d-CX8UEoSoqNGJknzuiSFiT-otJ6eDq0kACuogyIrwdhgRk0yFIjHiAGpbK7HZvpjHMlZektd1WUrOiGj2ziHU3Aa6g
Request Chain 393
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEI4lq3pKnVnKHVbT5x3ZGSI&google_cver=1&google_push=Aa02lx9C--o6U8e4i-3lY0nvrExbtpIxsxbZstAUqcFT1EREOD3Kiar9ZXopVMwUu3K3UTZepyykqZPy9R1hd2QuddBO8eD0scDkrTOYaw HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEI4lq3pKnVnKHVbT5x3ZGSI%26google_cver%3D1%26google_push%3DAa02lx9C--o6U8e4i-3lY0nvrExbtpIxsxbZstAUqcFT1EREOD3Kiar9ZXopVMwUu3K3UTZepyykqZPy9R1hd2QuddBO8eD0scDkrTOYaw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjczMjEyMTI1NDc4NjAzODE3Mw%3D%3D&google_gid=CAESEI4lq3pKnVnKHVbT5x3ZGSI&google_cver=1&google_push=Aa02lx9C--o6U8e4i-3lY0nvrExbtpIxsxbZstAUqcFT1EREOD3Kiar9ZXopVMwUu3K3UTZepyykqZPy9R1hd2QuddBO8eD0scDkrTOYaw
Request Chain 396
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBqOPjFxzUQfBeE6b7RRfzc&google_cver=1&google_push=Aa02lx9TccmsnSvAn1E8jG4yf0WiOns3lAws6SbOPhD3RDIYtryEM0dIwn9UKbbLqzM0adXC0hwoALy-HCNLnd33uHAptQvhJqt- HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=RBaUJj_WQT-zxgCqHzx7Qg2&google_push=Aa02lx9TccmsnSvAn1E8jG4yf0WiOns3lAws6SbOPhD3RDIYtryEM0dIwn9UKbbLqzM0adXC0hwoALy-HCNLnd33uHAptQvhJqt-
Request Chain 397
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGFa0amh1FfRqxhaLKJw5ro&google_cver=1&google_push=Aa02lx9bS-KswDiS_rLtzZwq1H03Jz7V4e38u1T4h_oD_DdBqeZTQq8AmoNxY-l81z8ELfCgv0bf0IS0966y9UiUAEUcX-EOv_moqw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGFa0amh1FfRqxhaLKJw5ro&google_cver=1&google_push=Aa02lx9bS-KswDiS_rLtzZwq1H03Jz7V4e38u1T4h_oD_DdBqeZTQq8AmoNxY-l81z8ELfCgv0bf0IS0966y9UiUAEUcX-EOv_moqw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU4MTcwNjk5MDUzMjA0NzM2MA&google_push=Aa02lx9bS-KswDiS_rLtzZwq1H03Jz7V4e38u1T4h_oD_DdBqeZTQq8AmoNxY-l81z8ELfCgv0bf0IS0966y9UiUAEUcX-EOv_moqw
Request Chain 398
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELMHu4Y62DPuhPVPGvzJrYU&google_cver=1&google_push=Aa02lx-XNrbLK5tw2EJNHhD95aZ3KejUmn2GH2pCAkTKIjgcUMxlUETQWisK0mMpCsSqK34BBOab4nRan_DAFLAwlgL-IKCle-ZJkA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx-XNrbLK5tw2EJNHhD95aZ3KejUmn2GH2pCAkTKIjgcUMxlUETQWisK0mMpCsSqK34BBOab4nRan_DAFLAwlgL-IKCle-ZJkA
Request Chain 399
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEM6J9xn0N-a9qOKiMrInlVc&google_cver=1&google_push=Aa02lx8Md1RcLJ4EnnNT7MRvU3OtNnKdl7MKCar7AEnc6jNbKHhkDkb0Ca0LvC-Gv-navYPsdI6M9uH038gJNZPVhWQRKDG74gJQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8Md1RcLJ4EnnNT7MRvU3OtNnKdl7MKCar7AEnc6jNbKHhkDkb0Ca0LvC-Gv-navYPsdI6M9uH038gJNZPVhWQRKDG74gJQ
Request Chain 400
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA4QYsnrINfPipCfyz1i_xM&google_cver=1&google_push=Aa02lx92NhbIsFdkIZQ-n-XY7-eqe9iFOnFuD2aSaZ6GRxNj5GOoaJe2DBEfbHyOZxgnHFVzNAAz4td8aTY0rHC5_OFwWuGe2Yrh2w HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx92NhbIsFdkIZQ-n-XY7-eqe9iFOnFuD2aSaZ6GRxNj5GOoaJe2DBEfbHyOZxgnHFVzNAAz4td8aTY0rHC5_OFwWuGe2Yrh2w&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675761756126 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3593d9ee-e5b1-44a7-8e7e-e9a804fe6201-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx92NhbIsFdkIZQ-n-XY7-eqe9iFOnFuD2aSaZ6GRxNj5GOoaJe2DBEfbHyOZxgnHFVzNAAz4td8aTY0rHC5_OFwWuGe2Yrh2w%26google_hm%3DAzWT2e7lsUSnjn7pqAT-YgE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx92NhbIsFdkIZQ-n-XY7-eqe9iFOnFuD2aSaZ6GRxNj5GOoaJe2DBEfbHyOZxgnHFVzNAAz4td8aTY0rHC5_OFwWuGe2Yrh2w&google_hm=AzWT2e7lsUSnjn7pqAT-YgE
Request Chain 401
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELUSMkC3dD7sMjBQORNKbCU&google_cver=1&google_push=Aa02lx8vq1OwtrtdlCPujql60yVfOT3NVeVPRpYoK6Q7XCLhnQkkOn_DgcElCDII-TDPZIhQ_aJHvfLunDjKdmQzXAeMfF_jLK7aikI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=7b98b217-8a90-4507-852e-bd18524b0892&%%GOOGLE_PUSH_PAIR%%
Request Chain 403
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx9ms6fnJgIHawLrf3t5O3g6uxg5j1syf-mTHHf6Kd4Nwjj-YLR7KRkl6g-m81buZlNfVoJtPjPDuDAg_EExguVAO1ekiC7tXUwU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9ms6fnJgIHawLrf3t5O3g6uxg5j1syf-mTHHf6Kd4Nwjj-YLR7KRkl6g-m81buZlNfVoJtPjPDuDAg_EExguVAO1ekiC7tXUwU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx9ms6fnJgIHawLrf3t5O3g6uxg5j1syf-mTHHf6Kd4Nwjj-YLR7KRkl6g-m81buZlNfVoJtPjPDuDAg_EExguVAO1ekiC7tXUwU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9ms6fnJgIHawLrf3t5O3g6uxg5j1syf-mTHHf6Kd4Nwjj-YLR7KRkl6g-m81buZlNfVoJtPjPDuDAg_EExguVAO1ekiC7tXUwU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 404
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF1arKR2DZlmO4wtrzhga4E&google_cver=1&google_push=Aa02lx95H4tyN4ZOu-no_BUPHK7JB9NMF4KskFN43rqY26L9wgaKTIUsGb00lMkYkwAL-VA8LOh7MZZPFRsp4QI7cr3AYO2qnkRwqjkP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF1arKR2DZlmO4wtrzhga4E&google_push=Aa02lx95H4tyN4ZOu-no_BUPHK7JB9NMF4KskFN43rqY26L9wgaKTIUsGb00lMkYkwAL-VA8LOh7MZZPFRsp4QI7cr3AYO2qnkRwqjkP
Request Chain 405
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBqOPjFxzUQfBeE6b7RRfzc&google_cver=1&google_push=Aa02lx93rkvBvThKlJfT8X-7rbCVKKhWvVZKAyJtvbzi8AoZDrX7appAkhim0aOpiWfQYCojgEBUBZVrzFS23bmD8rb6tm6aeWTCdbfO HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yzG5r6oqTYaauYgcNMGVpQ2&google_push=Aa02lx93rkvBvThKlJfT8X-7rbCVKKhWvVZKAyJtvbzi8AoZDrX7appAkhim0aOpiWfQYCojgEBUBZVrzFS23bmD8rb6tm6aeWTCdbfO
Request Chain 406
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBzANO0yxJa_3N84abeDs0w&google_cver=1&google_push=Aa02lx_oT6CSBnN8Bgnye0hpaes11sos0nVYQfIZc-40v1olEB16f03Sl8x99Llfhx7s-dAYNOWhaDvz0_Ezk7uV-P2dNDcvS2tmg42M HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBzANO0yxJa_3N84abeDs0w&google_cver=1&google_push=Aa02lx_oT6CSBnN8Bgnye0hpaes11sos0nVYQfIZc-40v1olEB16f03Sl8x99Llfhx7s-dAYNOWhaDvz0_Ezk7uV-P2dNDcvS2tmg42M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_oT6CSBnN8Bgnye0hpaes11sos0nVYQfIZc-40v1olEB16f03Sl8x99Llfhx7s-dAYNOWhaDvz0_Ezk7uV-P2dNDcvS2tmg42M
Request Chain 407
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELMHu4Y62DPuhPVPGvzJrYU&google_cver=1&google_push=Aa02lx8Ae4HyKrIOSoyCfWmMJErKWna4iTYkjkZfakhopUOyuCvvMF9ctAeO6R34d8a5UkAT3Nz6u0YywPVOU6U-QuhQy0Dl34OW3LKu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx8Ae4HyKrIOSoyCfWmMJErKWna4iTYkjkZfakhopUOyuCvvMF9ctAeO6R34d8a5UkAT3Nz6u0YywPVOU6U-QuhQy0Dl34OW3LKu
Request Chain 408
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDYsVKRSeMQI0xjGUNxVmyE&google_cver=1&google_push=Aa02lx_wEc1USHwhtSSontvyXP9Pkis3gBGJLR1761lF_N37rJuYtR_PpnHGlaLm9IIvNc8mvJuGxynyiHHkCfNqKPIVk7-3rtLkiIM HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_wEc1USHwhtSSontvyXP9Pkis3gBGJLR1761lF_N37rJuYtR_PpnHGlaLm9IIvNc8mvJuGxynyiHHkCfNqKPIVk7-3rtLkiIM&google_gid=CAESEDYsVKRSeMQI0xjGUNxVmyE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx_wEc1USHwhtSSontvyXP9Pkis3gBGJLR1761lF_N37rJuYtR_PpnHGlaLm9IIvNc8mvJuGxynyiHHkCfNqKPIVk7-3rtLkiIM
Request Chain 409
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGGPxI78yD7B74KQuil_ocw&google_cver=1&google_push=Aa02lx-f-WUnOY83j7O-nHFBxKQGJMn4D8XbXvrVCXmNLjpn9PZVLf1kJuC33jzrhnQf_1IBpt6TDgMi__BbVNY7VuNuAhHRpGS9RSjm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SbGpaWWx4RTJ1RU5CbkZhUTMwT21iY2h4b2lnNDJjMX5B&google_push=Aa02lx-f-WUnOY83j7O-nHFBxKQGJMn4D8XbXvrVCXmNLjpn9PZVLf1kJuC33jzrhnQf_1IBpt6TDgMi__BbVNY7VuNuAhHRpGS9RSjm
Request Chain 412
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&google_cver=1&google_push=Aa02lx-PrJZyCqqrpBHdfDYBKd8kqhf4LAG74l8N96NCHKvb9TiT1L1EUW8fiLk-dGjmY0NE3OQuTpUU-gbbDwEA8L7VpdSDpt--vg HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&google_cver=1&google_push=Aa02lx-PrJZyCqqrpBHdfDYBKd8kqhf4LAG74l8N96NCHKvb9TiT1L1EUW8fiLk-dGjmY0NE3OQuTpUU-gbbDwEA8L7VpdSDpt--vg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RW8weHZsYnYxUHBrYnE1&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&google_cver=1&google_push=Aa02lx-PrJZyCqqrpBHdfDYBKd8kqhf4LAG74l8N96NCHKvb9TiT1L1EUW8fiLk-dGjmY0NE3OQuTpUU-gbbDwEA8L7VpdSDpt--vg
Request Chain 413
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAFjcunc7ePeTMa0nl47itk&google_cver=1&google_push=Aa02lx9aaAYnC1Uoc6cXW5fTWAuPz3-camB3KBdhObJrpXNP6KvDvyNqD_f61UDPcc3FHgPMJw9z6OJwiZxxYH6xdYihnixaVlABpx4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx9aaAYnC1Uoc6cXW5fTWAuPz3-camB3KBdhObJrpXNP6KvDvyNqD_f61UDPcc3FHgPMJw9z6OJwiZxxYH6xdYihnixaVlABpx4
Request Chain 414
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx_Wgu6zFUCXUPHGl2IcAdTZuZvlPjwN3bG0-cIV6eR3nTpVvO6bPsuKPMRoPGVfZXtaH2YC_24m0dR3E7_v2KFtPPsLTTsFrA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_Wgu6zFUCXUPHGl2IcAdTZuZvlPjwN3bG0-cIV6eR3nTpVvO6bPsuKPMRoPGVfZXtaH2YC_24m0dR3E7_v2KFtPPsLTTsFrA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx_Wgu6zFUCXUPHGl2IcAdTZuZvlPjwN3bG0-cIV6eR3nTpVvO6bPsuKPMRoPGVfZXtaH2YC_24m0dR3E7_v2KFtPPsLTTsFrA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_Wgu6zFUCXUPHGl2IcAdTZuZvlPjwN3bG0-cIV6eR3nTpVvO6bPsuKPMRoPGVfZXtaH2YC_24m0dR3E7_v2KFtPPsLTTsFrA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 415
  • https://um.simpli.fi/gp_match?google_gid=CAESEHNhUSdgLsGI8yLs0V-GjWQ&google_cver=1&google_push=Aa02lx__XqsG_NN3x0QTOqvLiJTHuh8CJdgqDqkJmQzM5L6gRJjAd5bE8hZWZAOI0Q12zfJGDeDtUxH4mNb8KTGBzHPTV74zo-oyxw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=985FC60A9A634F3B87FBB6E14F05A0C7&google_push=Aa02lx__XqsG_NN3x0QTOqvLiJTHuh8CJdgqDqkJmQzM5L6gRJjAd5bE8hZWZAOI0Q12zfJGDeDtUxH4mNb8KTGBzHPTV74zo-oyxw
Request Chain 416
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGFa0amh1FfRqxhaLKJw5ro&google_cver=1&google_push=Aa02lx9xIPJxwIYzje7uu4W8I2rb2FIwf98e7iNjpf-hsdYUftxpLxDxdO5QRb9QQ_X-kq2l5r75eUIwHssdwiD_T-hL3HBtldZrons HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGFa0amh1FfRqxhaLKJw5ro&google_cver=1&google_push=Aa02lx9xIPJxwIYzje7uu4W8I2rb2FIwf98e7iNjpf-hsdYUftxpLxDxdO5QRb9QQ_X-kq2l5r75eUIwHssdwiD_T-hL3HBtldZrons HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgzMjcyMjY2MzIyODMxMzE5Nw&google_push=Aa02lx9xIPJxwIYzje7uu4W8I2rb2FIwf98e7iNjpf-hsdYUftxpLxDxdO5QRb9QQ_X-kq2l5r75eUIwHssdwiD_T-hL3HBtldZrons
Request Chain 417
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKizTKUA6eW-3RCu4HYvxQg&google_cver=1&google_push=Aa02lx8w73gcD140sNeeG0viMsLFK69RLHQHhNYKvvmK6gfW_eZqwI4zaachpdeyS2FqdfFzSqW5sj4Smgpxiq2A0C9TyLd0NMYO42t5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx8w73gcD140sNeeG0viMsLFK69RLHQHhNYKvvmK6gfW_eZqwI4zaachpdeyS2FqdfFzSqW5sj4Smgpxiq2A0C9TyLd0NMYO42t5 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 420
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAFjcunc7ePeTMa0nl47itk&google_cver=1&google_push=Aa02lx_b7-vQkgfYrGu2TO5PNIxcfQGBHw3_1R9-oMaTbAkndzbhfpjd92PnfFm63tyPCv0U8vMm5oRaqrzKHbxpLSm7iNSbSa1TvYZe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx_b7-vQkgfYrGu2TO5PNIxcfQGBHw3_1R9-oMaTbAkndzbhfpjd92PnfFm63tyPCv0U8vMm5oRaqrzKHbxpLSm7iNSbSa1TvYZe
Request Chain 421
  • https://um.simpli.fi/gp_match?google_gid=CAESEHNhUSdgLsGI8yLs0V-GjWQ&google_cver=1&google_push=Aa02lx9qGaICRacDnnnbbbc0k3--H-APbBdwuJ0xNUyK7WPtB9ugsHx2PO7sqxiT53guR0dW_fdmjNX6hUBBIqf8rIKJNWOaPXlqRfk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5BCC59C25B8B4F51BF98675D595522A5&google_push=Aa02lx9qGaICRacDnnnbbbc0k3--H-APbBdwuJ0xNUyK7WPtB9ugsHx2PO7sqxiT53guR0dW_fdmjNX6hUBBIqf8rIKJNWOaPXlqRfk
Request Chain 422
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIdpFSniZmQmD2Rkh_VkScc&google_cver=1&google_push=Aa02lx-LqbevmvJpBp32aGNwEZWxJNV6naaeWSh8pwRU3AbQMNprqriMigjHqA0onzIEYq-D3MJpFiMUs6KEDbi4mA0I1l7IKfh536if HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-LqbevmvJpBp32aGNwEZWxJNV6naaeWSh8pwRU3AbQMNprqriMigjHqA0onzIEYq-D3MJpFiMUs6KEDbi4mA0I1l7IKfh536if&google_hm=zoGiFF0fTcmwuyQUwI8NPmc
Request Chain 423
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBqOPjFxzUQfBeE6b7RRfzc&google_cver=1&google_push=Aa02lx_AIrI0kIdGHm24ys2GINR27X3JjmrF-QWziRcYJwFlI0bVEhOQfPG037c3APvC22Za1q-e9-vlH8RIVlSsuQMyCJXpeC0kXmRA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-xF4UGR0QfmMKGqnkReSVw2&google_push=Aa02lx_AIrI0kIdGHm24ys2GINR27X3JjmrF-QWziRcYJwFlI0bVEhOQfPG037c3APvC22Za1q-e9-vlH8RIVlSsuQMyCJXpeC0kXmRA
Request Chain 424
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOkRf6h2zR1xi4jWJMaEh4E&google_cver=1&google_push=Aa02lx--UxxJjrGXuxtSy5-AXxcHqLFlnNYsg6IL2CohHXZvouBMCoLUJJmn5FiKPZRCh02O-PczmwDcxSYWATm1rQFwr3elcraBO5kI HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOkRf6h2zR1xi4jWJMaEh4E&google_cver=1&google_push=Aa02lx--UxxJjrGXuxtSy5-AXxcHqLFlnNYsg6IL2CohHXZvouBMCoLUJJmn5FiKPZRCh02O-PczmwDcxSYWATm1rQFwr3elcraBO5kI&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx--UxxJjrGXuxtSy5-AXxcHqLFlnNYsg6IL2CohHXZvouBMCoLUJJmn5FiKPZRCh02O-PczmwDcxSYWATm1rQFwr3elcraBO5kI&google_hm=GHbSDGZHTiizMHpOREetfWxO
Request Chain 425
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELUSMkC3dD7sMjBQORNKbCU&google_cver=1&google_push=Aa02lx_3PhH4QWyEVe1iHT8z146qKa54E1emlF3nRYZ0Vs3hFPUBurIN0EiGHtras2b1ERg4ECGt--CxvUzgaoNKJj27uKP1yA3HCyI9VQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=7b98b217-8a90-4507-852e-bd18524b0892&%%GOOGLE_PUSH_PAIR%%
Request Chain 427
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx-sANq6Mms0gtroCYRL-cRTdMkfP38cT44QJf6qWmYe62p97ZaJWcqE853xPM7_FklefTweJYQQqlVr7eVZarXojpygX4DT5pY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-sANq6Mms0gtroCYRL-cRTdMkfP38cT44QJf6qWmYe62p97ZaJWcqE853xPM7_FklefTweJYQQqlVr7eVZarXojpygX4DT5pY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx-sANq6Mms0gtroCYRL-cRTdMkfP38cT44QJf6qWmYe62p97ZaJWcqE853xPM7_FklefTweJYQQqlVr7eVZarXojpygX4DT5pY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-sANq6Mms0gtroCYRL-cRTdMkfP38cT44QJf6qWmYe62p97ZaJWcqE853xPM7_FklefTweJYQQqlVr7eVZarXojpygX4DT5pY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 428
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPysEu4KqMTU3by4XZ0ANso&google_cver=1&google_push=Aa02lx_hcQ_XT0Y42E_Wnh3w8K2C_M33nJ9o1sXGTAoiJUpAH0xfilUT52RqVP1oVko8KcfzdB9BxyXdFklrUrii8FVxC-sG2S26_BM HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPysEu4KqMTU3by4XZ0ANso&google_cver=1&google_push=Aa02lx_hcQ_XT0Y42E_Wnh3w8K2C_M33nJ9o1sXGTAoiJUpAH0xfilUT52RqVP1oVko8KcfzdB9BxyXdFklrUrii8FVxC-sG2S26_BM&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mL_FPdQdRFqLgJx3D_g4bA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_hcQ_XT0Y42E_Wnh3w8K2C_M33nJ9o1sXGTAoiJUpAH0xfilUT52RqVP1oVko8KcfzdB9BxyXdFklrUrii8FVxC-sG2S26_BM
Request Chain 429
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEM6J9xn0N-a9qOKiMrInlVc&google_cver=1&google_push=Aa02lx9AXUhICe6KM6jvmeAn1PfqYHJa4a8knKnsNjMEkLIeBzahpg4eyCLJbdfjx0tH8mWvNRTmH4ToyPCHXtPeW_XAqKsC8UwfIg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9AXUhICe6KM6jvmeAn1PfqYHJa4a8knKnsNjMEkLIeBzahpg4eyCLJbdfjx0tH8mWvNRTmH4ToyPCHXtPeW_XAqKsC8UwfIg
Request Chain 430
  • https://match.360yield.com/match/ebda?google_gid=CAESEBtigVVjRKJN5SICtau288M&google_cver=1&google_push=Aa02lx8D_lCQxoxCxHTq0UsC7m9zKfyZAmuhM-ArVYbKOqmCzVKBxG7S4CLEmEYeK-fSK8ixg8fU7wFrvuEDclRxAGYnCZ3f5Y4X8A HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBtigVVjRKJN5SICtau288M&google_cver=1&google_push=Aa02lx8D_lCQxoxCxHTq0UsC7m9zKfyZAmuhM-ArVYbKOqmCzVKBxG7S4CLEmEYeK-fSK8ixg8fU7wFrvuEDclRxAGYnCZ3f5Y4X8A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=KZmG4zmUTSW3yR75tWbThg&google_push=Aa02lx8D_lCQxoxCxHTq0UsC7m9zKfyZAmuhM-ArVYbKOqmCzVKBxG7S4CLEmEYeK-fSK8ixg8fU7wFrvuEDclRxAGYnCZ3f5Y4X8A
Request Chain 431
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA4QYsnrINfPipCfyz1i_xM&google_cver=1&google_push=Aa02lx9QSJuuJPd19vPawncZv1GhDnh-M0a7J4j1j2jBVxaGLjm9cuhqpu2mt_bDstn5W0Vi7Lg-yT_rEN-hrQ9r-mDgblMpPTNtyis HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx9QSJuuJPd19vPawncZv1GhDnh-M0a7J4j1j2jBVxaGLjm9cuhqpu2mt_bDstn5W0Vi7Lg-yT_rEN-hrQ9r-mDgblMpPTNtyis&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675761756124 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3593d9ee-e5b1-44a7-8e7e-e9a804fe6201-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx9QSJuuJPd19vPawncZv1GhDnh-M0a7J4j1j2jBVxaGLjm9cuhqpu2mt_bDstn5W0Vi7Lg-yT_rEN-hrQ9r-mDgblMpPTNtyis%26google_hm%3DAzWT2e7lsUSnjn7pqAT-YgE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9QSJuuJPd19vPawncZv1GhDnh-M0a7J4j1j2jBVxaGLjm9cuhqpu2mt_bDstn5W0Vi7Lg-yT_rEN-hrQ9r-mDgblMpPTNtyis&google_hm=AzWT2e7lsUSnjn7pqAT-YgE
Request Chain 432
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDYsVKRSeMQI0xjGUNxVmyE&google_cver=1&google_push=Aa02lx8jJsFsFiFxovhpk-YRcwv779BAdSc76a9rCavBogVRqaKgQF0rdEI0ylUQHiMb0QOK92U0TcThvPs78iGIbBnlX3P8WIniIUk HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8jJsFsFiFxovhpk-YRcwv779BAdSc76a9rCavBogVRqaKgQF0rdEI0ylUQHiMb0QOK92U0TcThvPs78iGIbBnlX3P8WIniIUk&google_gid=CAESEDYsVKRSeMQI0xjGUNxVmyE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx8jJsFsFiFxovhpk-YRcwv779BAdSc76a9rCavBogVRqaKgQF0rdEI0ylUQHiMb0QOK92U0TcThvPs78iGIbBnlX3P8WIniIUk
Request Chain 435
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&google_cver=1&google_push=Aa02lx8-rifUc4lkICc0fYwV7pktbB6Kvj96FcvHjJMYMu7OKtjqyi2SBJn0NZMETfB_4gzCph9NeRp-Q8OoLXVBJr7uuR95UocfmFw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&google_cver=1&google_push=Aa02lx8-rifUc4lkICc0fYwV7pktbB6Kvj96FcvHjJMYMu7OKtjqyi2SBJn0NZMETfB_4gzCph9NeRp-Q8OoLXVBJr7uuR95UocfmFw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RW8weHZsYnYxUHBrYnE1&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&google_cver=1&google_push=Aa02lx8-rifUc4lkICc0fYwV7pktbB6Kvj96FcvHjJMYMu7OKtjqyi2SBJn0NZMETfB_4gzCph9NeRp-Q8OoLXVBJr7uuR95UocfmFw
Request Chain 436
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAFjcunc7ePeTMa0nl47itk&google_cver=1&google_push=Aa02lx_Luh16SqFyjSWqxwE7rWNCnXABMf7o9zcj64joE2gXrq3NJ0jtpQLwRir1SmcQyuzIAwD61PFErLJS-ymTR7z_xZuqP3KyquI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx_Luh16SqFyjSWqxwE7rWNCnXABMf7o9zcj64joE2gXrq3NJ0jtpQLwRir1SmcQyuzIAwD61PFErLJS-ymTR7z_xZuqP3KyquI
Request Chain 437
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENfq-4O-xkzG26ctR_mgacc&google_cver=1&google_push=Aa02lx8AQ7l-kPtIc8YRvqITSEpShVy_OgJWRRfzn6IwiEYH-WEixIo0Jyvzv3loG3AEfaqWp3CD94PM30O0Pvd0icAOrMT4Q0gNQWA HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=7b98b217-8a90-4507-852e-bd18524b0892 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=7b98b217-8a90-4507-852e-bd18524b0892 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=29ad7709-a9c6-4fe9-943e-d73342d62aaf&user_group=1&ssp=google&bsw_param=7b98b217-8a90-4507-852e-bd18524b0892 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=e5iyF4qQRQeFLr0YUksIkg== HTTP 302
  • https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESENfq-4O-xkzG26ctR_mgacc&google_cver=1
Request Chain 438
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELMHu4Y62DPuhPVPGvzJrYU&google_cver=1&google_push=Aa02lx_mZ5s_GzXpwyf4Lo8SkkNwkmdkedEirm41_5HYUroIypfK1KVDIPGB5Pz3KhDk7j1TR2UAsHmaA2ZBa8CXYfWtnol0ufqPCuk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx_mZ5s_GzXpwyf4Lo8SkkNwkmdkedEirm41_5HYUroIypfK1KVDIPGB5Pz3KhDk7j1TR2UAsHmaA2ZBa8CXYfWtnol0ufqPCuk
Request Chain 439
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEINAY1rprgViFs1ttkkx3qg&google_cver=1&google_push=Aa02lx81c8v2zmlHqEYUsmeCaon8MJo11AM2N2ZfQKFBCvywTbhtmgGDyQt2PSX96VthmTkbMXNHo2PmcR6ZbZym0GdIITnhJ2MtjNw HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEINAY1rprgViFs1ttkkx3qg&google_push=Aa02lx81c8v2zmlHqEYUsmeCaon8MJo11AM2N2ZfQKFBCvywTbhtmgGDyQt2PSX96VthmTkbMXNHo2PmcR6ZbZym0GdIITnhJ2MtjNw&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEINAY1rprgViFs1ttkkx3qg&google_hm=Y-IYXJahVj7h3mo3JgEwQwAABJoAAAAB&google_nid=index&google_push=Aa02lx81c8v2zmlHqEYUsmeCaon8MJo11AM2N2ZfQKFBCvywTbhtmgGDyQt2PSX96VthmTkbMXNHo2PmcR6ZbZym0GdIITnhJ2MtjNw
Request Chain 440
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEM6J9xn0N-a9qOKiMrInlVc&google_cver=1&google_push=Aa02lx9CeXolyLbQssBjSt2K4algk3ZeAlM_yA7i8776IsuHrR6zwyr0WkuHeyKkb1Nj-khSKpOaCGNfEk_a_EujP6_W8khhrMQ0uGU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9CeXolyLbQssBjSt2K4algk3ZeAlM_yA7i8776IsuHrR6zwyr0WkuHeyKkb1Nj-khSKpOaCGNfEk_a_EujP6_W8khhrMQ0uGU
Request Chain 441
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGGPxI78yD7B74KQuil_ocw&google_cver=1&google_push=Aa02lx8pYVJ1IyHeEEDVTpBmqBMXAt5BWHVyGB-JKezgUu_4Db9xT_hVq6V5zQOotmzPDuYauUVBtjfhu2UVlsfL6DB6b1mfTKgQokPN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SbGpaWWx4RTJ1RU5CbkZhUTMwT21iY2h4b2lnNDJjMX5B&google_push=Aa02lx8pYVJ1IyHeEEDVTpBmqBMXAt5BWHVyGB-JKezgUu_4Db9xT_hVq6V5zQOotmzPDuYauUVBtjfhu2UVlsfL6DB6b1mfTKgQokPN
Request Chain 445
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDsRFYrIb8yQKwDlmwgExCo&google_cver=1&google_push=Aa02lx_jvNFUZC9Pgb13B7vPgjDTt72HdUs003nQkYnJBKoMsDegpsdtvObR9FUx4KjQudPEKw3juMbK5ZCr77l_GL3Y8nNw7Y57mQk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NzM0MTkzNzkxMTE5OTg5Mw%3D%3D&google_push=Aa02lx_jvNFUZC9Pgb13B7vPgjDTt72HdUs003nQkYnJBKoMsDegpsdtvObR9FUx4KjQudPEKw3juMbK5ZCr77l_GL3Y8nNw7Y57mQk
Request Chain 446
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENfq-4O-xkzG26ctR_mgacc&google_cver=1&google_push=Aa02lx8VehFq4s9bL3w84Z10Cv6pB7ROEkXVB7w8o31-KXJNGn6uxQSOcJ2pi1cqZ8YTziCFZYPgQplYpNIuzDvHPwiNODsYv1b0rhA HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c674d416-b260-42c6-b456-c7fb4ce85264&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8VehFq4s9bL3w84Z10Cv6pB7ROEkXVB7w8o31-KXJNGn6uxQSOcJ2pi1cqZ8YTziCFZYPgQplYpNIuzDvHPwiNODsYv1b0rhA&google_hm=e5iyF4qQRQeFLr0YUksIkg==
Request Chain 447
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAVA7R2YHYO1qbAhk3dygEo&google_cver=1&google_push=Aa02lx_S2QjavoC0eFBFWet4dUPhiCs21fytVnnLIRKt6UHVk_vugzOP_r9rT-Mp1Kb7AtzDE2vxZSlodVPBQNDgdeE6BUK6h2b0yQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_S2QjavoC0eFBFWet4dUPhiCs21fytVnnLIRKt6UHVk_vugzOP_r9rT-Mp1Kb7AtzDE2vxZSlodVPBQNDgdeE6BUK6h2b0yQ
Request Chain 448
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA4QYsnrINfPipCfyz1i_xM&google_cver=1&google_push=Aa02lx_eNyti5Vw414xk0YU_zx-gVltid9K-pjPWYkiHBZw-SlwAn_4Q_65JnLTYKC_JedPXEoPbjRAhSIHns8pdHwbsAkqJ3fTGaN4 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_eNyti5Vw414xk0YU_zx-gVltid9K-pjPWYkiHBZw-SlwAn_4Q_65JnLTYKC_JedPXEoPbjRAhSIHns8pdHwbsAkqJ3fTGaN4&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675761756125 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3593d9ee-e5b1-44a7-8e7e-e9a804fe6201-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_eNyti5Vw414xk0YU_zx-gVltid9K-pjPWYkiHBZw-SlwAn_4Q_65JnLTYKC_JedPXEoPbjRAhSIHns8pdHwbsAkqJ3fTGaN4%26google_hm%3DAzWT2e7lsUSnjn7pqAT-YgE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_eNyti5Vw414xk0YU_zx-gVltid9K-pjPWYkiHBZw-SlwAn_4Q_65JnLTYKC_JedPXEoPbjRAhSIHns8pdHwbsAkqJ3fTGaN4&google_hm=AzWT2e7lsUSnjn7pqAT-YgE
Request Chain 450
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKizTKUA6eW-3RCu4HYvxQg&google_cver=1&google_push=Aa02lx-CXmd-gWv4YxacTnobs_asoCwgjLngnM2GjeLjyp53fyN7Y-kwnxIKwSP7-kxxvoc2XuXhB-2s8xSahf__MkTiGB6MG0-0M8FC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx-CXmd-gWv4YxacTnobs_asoCwgjLngnM2GjeLjyp53fyN7Y-kwnxIKwSP7-kxxvoc2XuXhB-2s8xSahf__MkTiGB6MG0-0M8FC HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 474
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAFjcunc7ePeTMa0nl47itk&google_cver=1&google_push=Aa02lx_HP03OVA5b5EbwTqw9y13yzVBGsocdidA_jy4c4ken3mGVmzv89sJD7gInXZ5B-Jh_NHMBHHFxndfPeLkZImGKD8Nhdu0QRwP1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx_HP03OVA5b5EbwTqw9y13yzVBGsocdidA_jy4c4ken3mGVmzv89sJD7gInXZ5B-Jh_NHMBHHFxndfPeLkZImGKD8Nhdu0QRwP1
Request Chain 476
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIdpFSniZmQmD2Rkh_VkScc&google_cver=1&google_push=Aa02lx-i9OeRwPDNZPk34BIDQCNyzN7tOrHDEf3cDdkzCgzf5q2lm2WsDpsjukE_PFyTXwJSXIwyPAp3cjp737umLmBvnarw857Aksug HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-i9OeRwPDNZPk34BIDQCNyzN7tOrHDEf3cDdkzCgzf5q2lm2WsDpsjukE_PFyTXwJSXIwyPAp3cjp737umLmBvnarw857Aksug&google_hm=zoGiFF0fTcmwuyQUwI8NPmc
Request Chain 478
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGFa0amh1FfRqxhaLKJw5ro&google_cver=1&google_push=Aa02lx8p8iQXMhSZsvBf7hIjDcmntOqoxp9reullF1U7JoO8gC7D1WqzDXI96kjW42PqXKBvedXfy0khQgZdZtIZqmvv7CFxCclccCKf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU4MTcwNjk5MDUzMjA0NzM2MA&google_push=Aa02lx8p8iQXMhSZsvBf7hIjDcmntOqoxp9reullF1U7JoO8gC7D1WqzDXI96kjW42PqXKBvedXfy0khQgZdZtIZqmvv7CFxCclccCKf
Request Chain 479
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELMHu4Y62DPuhPVPGvzJrYU&google_cver=1&google_push=Aa02lx9xWesqUpGAnsfc_pbaBwockdEsdl6MXg7Iq4H-rDbCIISZzxr3qOuTdtL4aMEXSxWRkaVr-FZM2ZWzL7xwx3RlXFZmcuzn5Wg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx9xWesqUpGAnsfc_pbaBwockdEsdl6MXg7Iq4H-rDbCIISZzxr3qOuTdtL4aMEXSxWRkaVr-FZM2ZWzL7xwx3RlXFZmcuzn5Wg
Request Chain 480
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKizTKUA6eW-3RCu4HYvxQg&google_cver=1&google_push=Aa02lx9RLgYnvx8r_VXzpqV-z9unLngCcSn4U_CVmxqiQRpPk1lCGxMxFwJ5Gl8M-m9GDveB9l-0Dt25C20zO_qxXL2oiZ_L8jrvqnsu4w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx9RLgYnvx8r_VXzpqV-z9unLngCcSn4U_CVmxqiQRpPk1lCGxMxFwJ5Gl8M-m9GDveB9l-0Dt25C20zO_qxXL2oiZ_L8jrvqnsu4w HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 495
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=48fe64c0-4a8a-48f4-bdba-c01313cfc92d
Request Chain 498
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
Request Chain 499
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Request Chain 500
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI99FzmcRpC7XE05ccINjxM&google_cver=1&google_push=Aa02lx-H-WOBh2A0EkaLPujgGFokkiFW_9n8kWlX0ocZU8B4ZOli17PZ72V389TCnfJxuIetYToehJMxRGu2eSrXRDhael1XkKBuZVo HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-H-WOBh2A0EkaLPujgGFokkiFW_9n8kWlX0ocZU8B4ZOli17PZ72V389TCnfJxuIetYToehJMxRGu2eSrXRDhael1XkKBuZVo&google_hm=ekH96Py7hg2SomwxYe7a0g
Request Chain 501
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAFjcunc7ePeTMa0nl47itk&google_cver=1&google_push=Aa02lx972Njk_6x9g8Z2q1tjUGNyM87ZYmEaSmuhw6bG-4-AJajkjS_yDp4tHVJnT_-Or-4ILMXsIsV_xRtcbmNUdrZ5ky7zt5I9mOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx972Njk_6x9g8Z2q1tjUGNyM87ZYmEaSmuhw6bG-4-AJajkjS_yDp4tHVJnT_-Or-4ILMXsIsV_xRtcbmNUdrZ5ky7zt5I9mOw
Request Chain 503
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDsRFYrIb8yQKwDlmwgExCo&google_cver=1&google_push=Aa02lx_lrju6426lUdd-3gcpi6e1CYFp1aXdrLHXO2zCk-e7xKRh0Dc6a24nssdpEV24tmg5YCMOVMAjP0Hvl0I0I6Yx4WmSVkD6RCA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NzM0MTkzNzkxMTE5OTg5Mw%3D%3D&google_push=Aa02lx_lrju6426lUdd-3gcpi6e1CYFp1aXdrLHXO2zCk-e7xKRh0Dc6a24nssdpEV24tmg5YCMOVMAjP0Hvl0I0I6Yx4WmSVkD6RCA
Request Chain 504
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFEXwPySH5IJhYeoOWmepL8&google_cver=1&google_push=Aa02lx8Ezc5PQL-95bUt6xCySChZH3KU4wqfTB5NrieISEx8NB8yghU3C8eHYGeAgXI9x1wXoWtAoD3drfYqljXowSsT7wsfrUv2CXg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8Ezc5PQL-95bUt6xCySChZH3KU4wqfTB5NrieISEx8NB8yghU3C8eHYGeAgXI9x1wXoWtAoD3drfYqljXowSsT7wsfrUv2CXg&google_hm=eS05VzN3UFpCRTJwSGdYOFpBOERnZ3c5SC5NcW1EV0hXbH5B
Request Chain 505
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPysEu4KqMTU3by4XZ0ANso&google_cver=1&google_push=Aa02lx8fy6OucgxFpBAszspTPA_NkvOISzjbBihCHesVCjGw5exb1z_FhreaeLIErLWu9emp0OC_VkQ-bo1fBRfH92sxCtUhnzmR6JI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mL_FPdQdRFqLgJx3D_g4bA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8fy6OucgxFpBAszspTPA_NkvOISzjbBihCHesVCjGw5exb1z_FhreaeLIErLWu9emp0OC_VkQ-bo1fBRfH92sxCtUhnzmR6JI
Request Chain 506
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEINAY1rprgViFs1ttkkx3qg&google_cver=1&google_push=Aa02lx-bA7SBGQOAENpzmMdfi4sGQ4GKK_6anHPhR6w7wsxEL3NjNcvMC2BNczKJp4MWZuv_v9iHCgRXUokRTZ-m8v-yqGbeqDlaSck HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEINAY1rprgViFs1ttkkx3qg&google_hm=Y-IYXJahVj7h3mo3JgEwQwAABJoAAAAB&google_nid=index&google_push=Aa02lx-bA7SBGQOAENpzmMdfi4sGQ4GKK_6anHPhR6w7wsxEL3NjNcvMC2BNczKJp4MWZuv_v9iHCgRXUokRTZ-m8v-yqGbeqDlaSck
Request Chain 572
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CIKgr4KLg_0CFQzdEQgd5G8F1w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675761757_f6a0d980-a6c8-11ed-acb0-22645d5ed731
Request Chain 577
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f6750e90-a6c8-11ed-ab4b-226222ea62e0&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 581
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COipr4KLg_0CFWnGuwgdbFgKCA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3DviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023020710223881356755537X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020710223881356755537X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218
Request Chain 584
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f67b7730-a6c8-11ed-b22f-2232cde24fee&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 591
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNSpr4KLg_0CFSGGgwcdOZQG_g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117679V1226132702M%26subid%3DviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023020710223881356755535X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020710223881356755535X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Request Chain 594
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f67387f0-a6c8-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 601
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f6775880-a6c8-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 609
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidQM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQroneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJCor4KLg_0CFWTjuwgdSTQDwQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidQM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQroneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidQM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQroneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675761757_f69f04c1-a6c8-11ed-a8d1-22346ba814b1
Request Chain 618
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneid241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwVoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675761757_f68a6b50-a6c8-11ed-acb0-22645d5ed731
Request Chain 623
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJqvr4KLg_0CFd6g_QcdllMO2Q;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023020710223881356755539X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020710223881356755539X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
Request Chain 626
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f68fe990-a6c8-11ed-ab4b-226222ea62e0&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 633
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f696c760-a6c8-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 641
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D112793V1226132702M%26subid%3DviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLKur4KLg_0CFW6Z_QcdsQYFEA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D112793V1226132702M%26subid%3DviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023020710223881356755533X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020710223881356755533X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218
Request Chain 644
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f6971580-a6c8-11ed-acb0-22645d5ed731&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 663
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f502d07f-d441-4286-881b-bbb4297e4aea
Request Chain 666
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
Request Chain 667
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Request Chain 741
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b16571c8-fb10-403c-8214-c696ae2c932f
Request Chain 744
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
Request Chain 745
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Request Chain 763
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e8ec2a5d-a3e7-48c1-a8ad-b907b6aadfa5
Request Chain 766
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
Request Chain 767
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Request Chain 785
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=7f259071-9671-4e0c-84fb-b0b7a23de724
Request Chain 788
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
Request Chain 789
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Request Chain 807
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP 307
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=25fd2c88-fb01-410a-86df-1701494c78dc
Request Chain 810
  • https://ad.turn.com/r/cs?pid=65 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
Request Chain 811
  • https://sync.srv.stackadapt.com/sync?nid=161 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c

803 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.lebanonfiles.com/
Redirect Chain
  • http://lebanonfiles.com/
  • http://www.lebanonfiles.com/
289 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5e4b25bca8c9a9d312d0bd15bf1d0761f3a2e7d2483865111b105382d4865e5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
795b0fc5ac2692a7-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 07 Feb 2023 09:22:32 GMT
ITW-Cache
HIT
Link
<https://www.lebanonfiles.com/wp-json/>; rel="https://api.w.org/", <https://www.lebanonfiles.com/wp-json/wp/v2/pages/182>; rel="alternate"; type="application/json", <https://www.lebanonfiles.com/>; rel=shortlink
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZSP5qiYodLQMDEgj5WXfFJYmMJgyoKwH0g3UAz4w37AlVB%2FVTg4L1CDX4mZIiKkuD0I%2BE0bvO5uNFbdHT0EeTqaev4%2Bta%2FMFC4xM2y4QLn2IljxfbDs9k3qqFh%2Fo0iQFbKrDIo0BlhxUnrimah7NKrb"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Server-Timing
cf-q-config;dur=6.0000002122251e-06
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-CF-Powered-By
WP Rocket 3.4.4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
795b0fc4d98239e6-FRA
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/html
Date
Tue, 07 Feb 2023 09:22:31 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Location
http://www.lebanonfiles.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEmq%2Fel%2BVN%2BbFesT8xZcJ1%2Bjcqesqkup%2FXWM9XP9NasexMMH5%2BwwJXhw%2FpW1oojzOgmSv5cDDUfdr1O877IhdDF0hcd4UmqZKa2BAfEQaV2oacjD5OcIstJucGuz7lWRfFAOYNnPfdvwZyCcOV0%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Server-Timing
cf-q-config;dur=8.0000008892966e-06
Strict-Transport-Security
max-age=15768000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
styles.css
www.lebanonfiles.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.2
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538449
cf-polished
origSize=2731
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 23 Jun 2022 19:48:45 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FQQNh6Sbo3vLL5yX9mzHuRqn%2BrTkNblTaX16G1kQTrrOo0jdutT5icRNH%2BpQUdUWyt93Qqpex20Ux11XIegjWGWIN1GYT0raodkOc%2FboUT7eWwH6WGS1O10m1UytGQDh0wOEDqikpQka1KsZo6T6330"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
795b0fc76cf53815-FRA
expires
Fri, 15 Sep 2023 05:33:05 GMT
triangle-mena-news-coverage-public.css
www.lebanonfiles.com/wp-content/plugins/triangle-mena-news-coverage/public/css/ 		0
332 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/triangle-mena-news-coverage/public/css/triangle-mena-news-coverage-public.css?ver=1.3.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538449
cf-polished
origSize=98
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
cf-bgj
minify
last-modified
Tue, 28 Jan 2020 12:11:23 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRz2rJPaqPg8oemoKjMygT81dOmKHA1dMV9%2Fh0V7Rs9lBoyaZnfHUlFLoSixR8qtYGwyPtlF4%2FUPflxS9oCcm9uOC8w%2BwxnbR98u34FxWGwXWY%2FmHLmkffGeWVGlaCTSRkoJM1FRt1aUySOPeoOpgoC6"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc76cf73815-FRA
expires
Fri, 15 Sep 2023 05:33:03 GMT
plyr.min.css
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/plyrJs/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/plyrJs/plyr.min.css?ver=12.2.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c3718a6ae4f2eb59d54458122825583392158ad8664f85806610271ad31f392

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 08:55:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
538449
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zo6vJgFn7kVmmO0OwwU2J7cIBfLfCiE8HTByt0uQdFmpj%2BFMiZ2nnubSOOII26blvGsw7oY0tY3StuEbvxWVjGGnE1Cbf62xNyfOwm1jvjBCPLHIhlh2tzGpFAuhAHDrS4QVcQDqissfvtjAlPHjiirk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
795b0fc76cf93815-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 19 Jan 2024 13:26:04 GMT
style.css
www.lebanonfiles.com/wp-content/themes/lebanonfiles/ 		308 KB
48 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f8b8c050b9481a6ec459e18f0a6545294badc0eaebbb96ac6a9e62ec6461d0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538449
cf-polished
origSize=378915
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 19 Jan 2023 13:26:01 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yiTIK3L6hYGo64gNyk5nVPRKXpk1OCDXriu0Y5u6qSCNvZW6%2BNTLGfdcvlOv6QxUn4N3pi7RnBuxDWNoPXdt4aMxQLcLuvUQxs8%2BAxHgvpUTd56AIg9vsxNRxfDqmqb%2FQgCjYg5Jz%2Ft2bPM%2FS9igOhZj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
795b0fc76cfb3815-FRA
expires
Fri, 19 Jan 2024 13:26:04 GMT
simplebar.css
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/simplebar/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/simplebar/simplebar.css?ver=12.2.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
398479678a61a08fb0c4c6608eb274f3ff3900e40d6008f5d4b90c8d06efd331

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
538449
cf-polished
origSize=3819
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rw0e9szFPmiV5Z28C4VPrgbVRK9i34j1zb%2FbNNibRz686BBmcDDjJTdF5CpveBRdcr2RxyjgKs5dmU8OEdwCwtZFO%2FxM4k2MpZBT%2FzH4k93lzls4MRvP5JIDPv%2BD40Mtx3LXUpPCSqKfBSDelRUSMHKG"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
795b0fc76cfd3815-FRA
expires
Fri, 19 Jan 2024 13:26:04 GMT
swiper.min.css
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/swiper.min.css?ver=12.2.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67b6584af0fff14908d8f05c0eb9d59cb809da113feffd197f3ddb38a779ea45

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Feb 2020 22:12:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
538449
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unvvE%2FGoNM8JwY3HntIDwP3LM8mLp72uMyywaSX4uLhUsfFRFCQ%2BX6PIwBGyzrHTSlUrPYm01%2F%2Bbtrq5T8pGYD19Kk6lZGhxHcmLTCu0pmE%2FivAN16uNwFrQt5Xo7QJd38YdvDLP8fAj6hXtUFV0%2B7UY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
795b0fc76cff3815-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 19 Jan 2024 13:26:04 GMT
%D8%A7%D9%84%D8%B3%D9%81%D8%A7%D8%B1%D8%A9-150x101.webp
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/%D8%A7%D9%84%D8%B3%D9%81%D8%A7%D8%B1%D8%A9-150x101.webp
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fa487766c823e05b2299f9bd00ff6537696ba5a023802bf81105565b30f5fa0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 09:14:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
453
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdlVMoCwI6DigsugUTLoocfcn3GQWa0lMcx69ugZF12b8JJQ5qpMCB1tcd7qWGG17Wv1Wh0tknTm3bpZ5zAyiqijSSzDAzEco3RqXdv5p6PB7ep2RhuqZlKxlEI77Egyblg88%2FvwMALBWDkxDt4bKbta"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
795b0fc76d033815-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4168
itw-cache
MISS
h-4BRp7I-150x101.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/h-4BRp7I-150x101.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6724f4c12dbb399c6b6b301b580559a256a89a10e8b828d4498118086c2e84b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1452
cf-polished
degrade=85, origSize=6505
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6165
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 06:23:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6PaNAqZwjnk852uRtrgg0hU3Xop6e0mDfJRxAQiAl9cCr27yfBt4VyfAEcTbAUQcznCmGN3BTlpxssSlWU0iOThsqyzEWiAPKgyuiGpwoFQVzZjRhRkRNjQRY0ojriRjOFkavQiFj1cbY9ruqdP1RnY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc76d043815-FRA
expires
Wed, 07 Feb 2024 08:56:42 GMT
turkiye-150x101.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/turkiye-150x101.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe9c117451b901537b7ec34e045d3ec927481aae3e3718e602a8e1876c4ce2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3521
cf-polished
degrade=85, origSize=5087
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4859
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 08:21:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fv9NxTb8FE3P6Nzg2FYxBtwfeqUKruQOpxGy5UpXkOzsQj%2BQhNJo1NFHyPCigc3T%2BEomnm%2BpEjHUMcFqsGncr7Bm7uyUFnuiS8SIsv0LqGt1KhP4xgmirc4UClDiFN5rGQeAiZktICyWIqqRJor3LIda"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc79d4b3815-FRA
expires
Wed, 07 Feb 2024 08:22:04 GMT
live-news-icon.svg
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/live-news-icon.svg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9835caf857ce89641ff388de4d9deb25ef12912ae950b5c3d7f35ef709b7bf54

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Mar 2020 08:25:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
535965
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8phsj4J8j4hHAXSdEKmuVhpSuwwSNEpq7f991fIS%2B%2BaTgHN%2BOsXJrxjaxcHNVn8aP3C3QZZL%2FDNfscBM9WBPc%2BD2%2FSilpS8XmPyT3UcmJGvdpytoeESO256X3PNe9wah9xBG9djjI5PIdn%2FUHhHEQYBh"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
795b0fc79d4d3815-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
trianglemena-logo.png
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/trianglemena-logo.png
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db5d999e356d97a5cf821870429655191d582cb778c71312215215751b922eb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
324904
cf-polished
origSize=6872
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3837
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jan 2020 20:48:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlix7XG1n01ulEFRiuVOVlBSS8SCxZWt73FmHeGtWVMu0MB%2BZnHsbnqwqVNCic7Amfw6ZNl0O7TiRvkFp9ZpJDgYd1%2FlhxMhxwUBr3O%2FPVW%2BUOTZWLKe0I0HSeuGyYpJojRhV%2FwKewbH4%2FKyZSfHEdd4"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc79d4e3815-FRA
expires
Fri, 26 Jan 2024 22:14:42 GMT
rocket-loader.min.js
www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:32 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 03 Feb 2023 16:56:26 GMT
Server
cloudflare
ETag
W/"63dd3cba-302c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfIASxTxhFS4kWyojkyCuMwXg9mMXNPl8cv5NrsHg%2Fo%2BOvhLcGH6%2FlFgs%2F8RY6LkVafpwdTpFjrcfDmfNym5vdkoi4B1A%2FgK3XPLgFsTmLnBSOo9Rp%2F434pnALrsxmwyOUEIHaSTPpmPx34IZdUNmgq4"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
X-Frame-Options
DENY
Cache-Control
max-age=172800, public
CF-RAY
795b0fc72d1192a7-FRA
Expires
Thu, 09 Feb 2023 09:22:32 GMT
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
http://www.lebanonfiles.com/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
795b0fc7cb353635-FRA
logo.svg
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		14 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/logo.svg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b545867fa76275afab94da71ec2e4059d9694e77e7e3f3a879d16e677f0ec2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1vagHdve0Z2HzeHE%2FHyvV33LRDTN4e9FOLZlpFEGcP5Kj1hSQ49WFSrXGgJWExAvwIsvo1nnk3CYsszWN1rMa943ICPTi3Ics0FisAl1aWcEVu6nLAmzAb91YUhNahAgH9t120VWpoQ1Q1uGYlHLoWs"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
795b0fc82e1f3815-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:06 GMT
ticker-icon.svg
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		1 KB
757 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ticker-icon.svg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c25f17d25f76448906480fb83546ad8d0f7bdcb900a172c1d3f7488f34db723

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Sep 2020 10:11:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
536868
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGohww9dAaLQI0pa11I8RhrgwzUciasyrJxyY1GQcHQ38M80%2B6ObEZj9V6jKSTxvTBkGbS8LBMQ4qLrO0Udo82uEbLe0Gh6gldVigl8%2FW5toBCKY5H%2BVTeO2GbLHdPGOFy0JouQtXTHJQ1a1jmX50dv%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
795b0fc82e213815-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 23 Jan 2024 22:34:11 GMT
lf-small-icon.svg
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/lf-small-icon.svg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b791d9b523b9be4615eed3ada77b540ecb01bcdbec149b19d7b3a323300662e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Sep 2020 10:11:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QamVVoXVqa1NPHYfxIG0R1fnxEsgv1qoQj8pY%2BV8wtnxW%2FfH5ohiZTDaYNS36tJZB16M80kAKyHSx1F3%2FltWav0NjkPV1ypO68meWssXXfcUJBruszL2UNDnfjN4bQ5KdXnqO1X%2F%2BuOxNt1f%2Boa8038T"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
795b0fc82e243815-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:06 GMT
%D8%B8%D8%A7%D9%81%D8%B1-%D9%86%D8%A7%D8%B5%D8%B1-300x172.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/%D8%B8%D8%A7%D9%81%D8%B1-%D9%86%D8%A7%D8%B5%D8%B1-300x172.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db384cfb2689df88523dd7e5c0498fca94d5bc395cf920536b3b1f5f01e87217

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16054
cf-polished
degrade=85, origSize=7852
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7751
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 04:51:27 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzpMa4iMGI96qv8aIJPEfOZ9lx6Nul9c7oLTctS2ZCKunBdbpHj8A%2FPbp3w3aglcYxtsm060moR6EXJvsqW0q8LJkUpVbt6h7lLwYglv7lOwbeDkLoXIlRVSQJdAUopG%2BKo%2FlU7JKtUaZlHX1nIqFTnp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc82e283815-FRA
expires
Wed, 07 Feb 2024 04:52:38 GMT
5cd58142-ff17-4831-83d7-084fef3e1522-e1675705278761-300x148.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/5cd58142-ff17-4831-83d7-084fef3e1522-e1675705278761-300x148.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d45094f872342000f99c47850cdf77a2a25c81da19fd02157f81ec5ba0a6d704

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56405
cf-polished
degrade=85, origSize=5795
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5695
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 17:41:18 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKh7azrRWLSpSvee6FOSaeKKnTx0OvnoqUcDZc%2FsStPA2%2Ff11byblSmW8AlB4YB2ki%2F9OssN7JPSOyCjK97vDYPAreNNB0z6NeKptGgzmouE0oe2C5n9K1D41oDqu%2FRMRui0ltyBG751FUHYCTsEtqDv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc82e293815-FRA
expires
Tue, 06 Feb 2024 17:42:22 GMT
61420c17-a478-4d75-a987-a4c6cb1bf2da-e1675696882987-300x287.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/61420c17-a478-4d75-a987-a4c6cb1bf2da-e1675696882987-300x287.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f4e452e1e9fefc4ebbd6034f27bfb8fe7a720237db8ef720a75d8a8cff58b34

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64828
cf-polished
degrade=85, origSize=17622
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16762
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 15:21:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVSxVjp2AWscRZQ6LYNwFqr0cuqfBbpx3H1AjYNABDOJaTkt51eO5%2BkSzetdKOJPplPmNtV4W7JqkZ9NbCeEiXIbwWUuARHG5RLtoJlNaZAOndlylWkzaJmN5tSyvPu0T9s%2BHG5o5GQVwBXf329o7PsL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc82e2a3815-FRA
expires
Tue, 06 Feb 2024 15:21:49 GMT
yawmdesaterbg.png
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		212 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/yawmdesaterbg.png
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
401322bc63046615783e0c917807bb0f898efa0b5ecc2fc4d18673ebc81f695b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
536635
cf-polished
origSize=230045
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
217063
cf-bgj
imgq:85,h2pri
last-modified
Fri, 19 Feb 2021 07:14:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kknu3qDjnP53WbaU8ogs5M1ivcP%2F92ViwRGxszmnZ%2B%2BO1xQam%2BW7mMwk1Ws87Oy7ws%2Bhp7mx9s8c82Plf4dzFguQgq1mNz6iC4o18Dh7uolEpolb94XAod3FYagZRlDBabb0rLQZHu%2BNG%2BLB9oGEirA"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc82e2c3815-FRA
expires
Thu, 04 Jan 2024 22:02:51 GMT
video-icon.svg
www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/ 		1 KB
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/images/video-icon.svg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81519deacce30ac3640700d27b2125240a8e7c5418d7798c83aba2067f620463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
536822
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h82M4ndrJ29pXgdRiYRAjykL6nAbe4r14BKfj6PhmxJzYYdwuJJ8LJJC9%2B%2FyLDzBfl4RNoYLJithUryPodn6qe8vxonjJKJbLtQcNGxgyJ5E4WYivaA89OkA%2BCIhn%2BVfYE8LYI%2BZvUh2W0S3y2zWqX7Z"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
795b0fc83e323815-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 26 Jan 2024 00:54:05 GMT
%D8%B8%D8%A7%D9%81%D8%B1-%D9%86%D8%A7%D8%B5%D8%B1.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/%D8%B8%D8%A7%D9%81%D8%B1-%D9%86%D8%A7%D8%B5%D8%B1.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e421b44d2ede60ccda5347bab6dbf3470f8c1aab75a5c4f83280c0765672504b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16213
cf-polished
degrade=85, origSize=49141
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25273
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 04:51:27 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEuuY2BHCDNyRAFhZobdMy2qVG5%2FBDh6Xb59I1Vm1B9tne7JM5MS12PPHsbQC7fPxjVYPPC6bontX067KPdBE%2FnoyZWppQmdc8PIwt%2Fko2080H3D%2FZ8mjK%2FZjT6fN2b0Y0ZV3aciroVFpMLq%2B54Bm6lh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc83e333815-FRA
expires
Wed, 07 Feb 2024 04:52:19 GMT
5cd58142-ff17-4831-83d7-084fef3e1522-e1675705278761.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/5cd58142-ff17-4831-83d7-084fef3e1522-e1675705278761.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68608a0cb68dee07f5e9c8c5d868c3211cf64df93c101ce9b3b95644c332c014

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
56405
cf-polished
degrade=85, origSize=17760
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17498
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 17:41:18 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVxK3KkyyV1XsQR7TNJIQXdyMkYwjD4STYL1dp%2FwrypZ26Ou1BCGupQm%2BM2qgHTx08aHO%2FeleclmR9ZWj3t2fGvoAsYFeViOZ9062fOmhDEz9VDKz1DyowicYoVOoScHNH8xuOTVwDEkjuizklyiLo1Q"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc83e363815-FRA
expires
Tue, 06 Feb 2024 17:42:22 GMT
61420c17-a478-4d75-a987-a4c6cb1bf2da-e1675696882987.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/61420c17-a478-4d75-a987-a4c6cb1bf2da-e1675696882987.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dd4f0166bc79b7989521444108f3d3b56a3579280e59c7bf1e54c6595d0116d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64828
cf-polished
degrade=85, origSize=56907
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55311
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 15:21:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFW2iYc0lcJWSuJ0snz%2BEBJfQFMw4cXCEDZXMPtkiCNbHqdKdud6lV4A1qnCafCTSWJvqH2i6t99PZqMdGboMtpxobJDvedTXD1Uv%2F%2BPqXc%2Fk8MKzE3SKRUFHtI%2FylffjGkiSqdjzwE5nxxz0y7OgtrT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc83e373815-FRA
expires
Tue, 06 Feb 2024 15:21:49 GMT
Screenshot-2023-02-01-140232.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/Screenshot-2023-02-01-140232.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b0398309751310521c4cf914e5229bcb3ab7c446a4dbea0c4605690db08cc21

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
508560
cf-polished
degrade=85, origSize=60339
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40180
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Feb 2023 12:02:35 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJ2WItDHTKmhASWnnd%2FBTJlHVGmjweJBqf8ePaSN%2F9lolC3J2KzctpylZWBR9h%2FHTKvHQlHCHjlfCYkffFppj%2BuRimo7DiZgZbARBB4vGFfEotZcpJfbbsC2oMANBdkAP%2Fchtj1Zkm%2BF0kFfY5qJ6N4f"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc83e393815-FRA
expires
Thu, 01 Feb 2024 12:02:44 GMT
Screenshot-2023-02-01-135802.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/Screenshot-2023-02-01-135802.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85cae9fd2c56d6351de8626f9b2d3d981b459cfe1e8ee871f565054e75ab25c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
289309
cf-polished
degrade=85, origSize=27568
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18639
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Feb 2023 11:58:08 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqUrNQtsqGxOv8cHwHQFQDLiL6B%2B11fEXqyPsTRNiWLVC0yFZnLiEq1%2FseFflTV996S0IfuI5cQlygRiDRwmiXWw3wUx7LpfMETwt4PRi04hIIxbz28PL05folGWFRTk5ub%2Bz7ePHT%2B1G0M%2BIubZssxW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc83e3c3815-FRA
expires
Thu, 01 Feb 2024 11:58:42 GMT
truncated
/ 		152 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81f5a03e1b49cbe1692501481bd08328870b21f448be669a04666ae2a6c96855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		150 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d47a786c6b9e0f114e0ff0c92a8ff81d27d822447e41279494336c84560ea675

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
ArbFONTS-The-Sans-Plain.otf
www.lebanonfiles.com/wp-content/themes/lebanonfiles/fonts/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/fonts/ArbFONTS-The-Sans-Plain.otf
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6f14410f46ae33b84e0707dcf7bb436b153e7ee83485b583592052a48e983b6

Request headers

Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182143
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60160
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vF%2BbsHTkvircRsz09DfA7MRT%2Bw9bQ64YQR3QHGFDBjCUdIlsrgbjHtQTlJQAwS7Rx2LfB2auxS7n3unBqTUckV9HVZ7wLbjTLVfgyJl3SjJRTGQ0LN%2BKkrXkEkYSpWcZO2R0Rpc7CpP7kXVGUMfe%2FZUA"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc88aa96957-FRA
expires
Wed, 03 Jan 2024 02:36:06 GMT
fontawesome-webfont.woff2
www.lebanonfiles.com/wp-content/themes/lebanonfiles/font-awesome/fonts/font-awesome/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/font-awesome/fonts/font-awesome/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94711
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Sbt%2B7k0lRH5wcVIiiHN4dIGGQL1sa%2B3iKL%2BMLRBmf1PaHV4AhG06cidU5Z%2F%2BjFDZ5xyY49BvF5yPnIPY4ADfNqQhjhflT47d80skldAQWESy3w0HvwDvRHB%2FWYDg%2By8pkDWLPfYRFgXAa5zYVKZKO2%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc88aa76957-FRA
expires
Wed, 03 Jan 2024 02:36:06 GMT
ArbFONTS-The-Sans-Bold.otf
www.lebanonfiles.com/wp-content/themes/lebanonfiles/fonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/fonts/ArbFONTS-The-Sans-Bold.otf
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
707d47e8f794caef2636919f7e4a1ee998ee9280fa0798af057c605a5894d569

Request headers

Referer
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/style.css?ver=12.2.0
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
182143
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59664
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nx8QhSGFzPJVMW%2BoVgOOf2FBShsXJGGs72DKaDE2omrQnuwo7CIA4VHe9TRlzxC562rMao6xBFqZt5mvmHidUVFlCvYJU%2Bo%2F6L0lD206EPFSMrwzNaClorgZsePTluf2aRKtvKE%2FabsPZ%2Fj6hU%2FE9Jqn"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc88aa86957-FRA
expires
Sat, 06 Jan 2024 20:43:07 GMT
2wer77i-400x232.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/2wer77i-400x232.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a202b2b8321c7bd6d4c81d68c23aa4338a67477cb235891bf23f91f34426ffde

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14199
cf-polished
degrade=85, origSize=20241
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18653
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 05:28:01 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QASNfwAGc1rQT2agmuG7n7TFjs%2FnJB%2BOdcWG8Z9J842jXwmevh93hIAp5Mtk8IisW3ywfvbeHFxkm8j5xVN3rCiujt601Eethe86dWbN2mpaMPaWw9IBvT6XPU%2BWFTGQJGVe72OOY3NovKiY83M0yB0Y"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc88dd93807-FRA
expires
Wed, 07 Feb 2024 05:25:32 GMT
%D8%A7%D9%84%D8%A8%D9%8A%D8%B7%D8%A7%D8%B1-400x232.jpg
www.lebanonfiles.com/wp-content/uploads/2023/01/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/01/%D8%A7%D9%84%D8%A8%D9%8A%D8%B7%D8%A7%D8%B1-400x232.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ec7ef8fc9f795b431b1bc5f8e284ca525ef65fb9580e268a96027e839b7ed06

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15946
cf-polished
degrade=85, origSize=19348
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16186
cf-bgj
imgq:85,h2pri
last-modified
Thu, 26 Jan 2023 11:27:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GeWFPXm%2Bc4xbjTjiEXRaZxXRStVapiKnkbx3EMRnoh02Oc%2FeWivp0CK9DgSDQxLYvw7%2FMTm1MsOqULCQhwKHasxLS5Jht3dWX6atCyVdq7CAGOQgYTtUi8Oo%2Bp%2FqoHOH%2BoaP%2BvFlbfF9lPTscY2gtorZ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89df43807-FRA
expires
Wed, 07 Feb 2024 04:55:04 GMT
hadath-3-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/hadath-3-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a332e97afb7d1ba0ab7bcbabe4ddffd3434a015b7d50462f05abb08d22cf056

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40617
cf-polished
degrade=85, origSize=11377
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11013
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 22:04:53 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2D8F17P5G8GEImISXgHCYC4W2G4HKNfBQXdMnFLOd7AvJc3rtjuSPMqHuKV6y2KtJOQ6XHFDgbhqlQXQ%2BkirvMI0ymUidHOSmEZ%2BXG8Y4TH6dYzgWuJ2y8KF0oPrbgVq%2BsHwB2Bj59AVDRfLVCCpbCcg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89df53807-FRA
expires
Tue, 06 Feb 2024 22:05:19 GMT
%D9%81%D9%86%D9%8A%D8%AF%D9%82-%D8%AB%D9%84%D8%AC-1-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2021/01/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2021/01/%D9%81%D9%86%D9%8A%D8%AF%D9%82-%D8%AB%D9%84%D8%AC-1-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047ff5fbeada0eee8bd18419654f8b2d775835a291a93b99312cded159c254e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
101843
cf-polished
degrade=85, origSize=11789
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11274
cf-bgj
imgq:85,h2pri
last-modified
Wed, 13 Jan 2021 19:33:02 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mQ43x5NK9H89HDYVujydOT%2BtnVDfbYtrBRno5G2uECvlFDjp%2BcwrSiKkdnjomCoMR1o66JHztglbIv91bdana%2FKfpGgS%2F2IZfSuWEZAtu5iqn1oxB03%2BGlJBdY7y6afnBrnV80ntgue0WRCkieivRyI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89df63807-FRA
expires
Tue, 06 Feb 2024 03:30:36 GMT
turkiye-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/turkiye-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9381ca876f8ebf3fa6b1617c7d6881abe165d0ebd121fcc975dc19a0f2c7e6f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3490
cf-polished
degrade=85, origSize=21822
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20449
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 08:21:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6xYLRrkjG237pSySaxoH2mfxv7SLayWashHA8jT2f7esUOtBa54Y83gZ%2Bc%2Fw4skBwzyOsMK%2BED2Y9AX%2Fx9jRSC2roXrjau8BUVYUN0PYp7LlSKLDBzwNtL9Ax%2F9NqIUZkaaHimPRQvxYEFKIh9H8See"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89df73807-FRA
expires
Wed, 07 Feb 2024 08:22:48 GMT
khass-2-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/khass-2-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac9cee6af8cadccf153b8dd7831d4f9234ad995a87fcb42872a14d3ae826727c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40257
cf-polished
degrade=85, origSize=14827
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14065
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 22:08:14 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwjbQ4cWbQ2tjsLldQgQtEp5d7bJVgn3hPcpBsE%2FWL0%2FnRGKWfwAzN7u0YK2K61URGMyDvbzz1nd1Gk%2BJScuLGueqrOMtor5N3XSfgXCGNxPvVJRa8HHq3bEhMBiYFoxF8mz1Bu3r5On7kVa%2FzC%2Bpo1r"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89df83807-FRA
expires
Tue, 06 Feb 2024 22:08:53 GMT
%D8%B8%D8%A7%D9%81%D8%B1-%D9%86%D8%A7%D8%B5%D8%B1-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/%D8%B8%D8%A7%D9%81%D8%B1-%D9%86%D8%A7%D8%B5%D8%B1-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c0bea7989a24b1f1b762e6dc760d65e38e64c6e590c186d1adbe26b93d7a1ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15284
cf-polished
degrade=85, origSize=11395
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11256
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 04:51:27 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1U17tTLUk4aSwx2k8CSdSh1dHmk4FgGZc930Nfqo2BWvCBsXlQHduTfExR0BgSyb%2BHS5ZOjJtHrBQi9I1ivBBKqo1YP%2BdFoaQOvSTwdHeVTNBwD9%2FH4FE5JJnpnhObmCWpKNBgt15QzGKehQtbwt3jvi"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89df93807-FRA
expires
Wed, 07 Feb 2024 04:54:15 GMT
zelzellll-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/zelzellll-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd34efbf72db37cd099482fee02c11e6fb6b484c0edd61fd1927caab45c12324

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84068
cf-polished
degrade=85, origSize=44088
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31550
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 09:56:45 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyiVm%2BR%2FxpmzkLkAaXXRLYTNZISzlWkxEPVuPJOF8HmgH2H0ZKclwLQWAVCTujS1nihQWvRQwQ4kaFcwnQ%2BmCvoFcCvoGxu%2FEbE2GlWVzqM%2FksqhKVPNRFkhX6%2FagS48lq2y1PKzKDjQZiEu8rn%2BrSll"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89dfa3807-FRA
expires
Tue, 06 Feb 2024 09:59:24 GMT
%D8%A3%D8%B3%D8%B9%D8%A7%D8%B1-%D8%A7%D9%84%D9%85%D8%AD%D8%B1%D9%88%D9%82%D8%A7%D8%AA-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2022/02/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/02/%D8%A3%D8%B3%D8%B9%D8%A7%D8%B1-%D8%A7%D9%84%D9%85%D8%AD%D8%B1%D9%88%D9%82%D8%A7%D8%AA-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17920afba416d14131fa9953f98fd3283fc760b33a8cf681e49b3c486bdd2f20

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6439
cf-polished
degrade=85, origSize=19448
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18892
cf-bgj
imgq:85,h2pri
last-modified
Tue, 22 Feb 2022 21:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5SPLLmknzelOCawbuSboYxxp2ic3N4dLmnrNxmvw53qh0gaqavqsn2%2BwE0Mm7elT1ML740qDT%2BBhFgyd%2FNnRi1ksP5wfaocQoorv1VjPGPC0RsDJRQs%2FCGlXD0H%2BdhJfX8ee3mpxQ8nPhQzIHCYh8hD"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89dfd3807-FRA
expires
Wed, 07 Feb 2024 07:32:27 GMT
64564546546-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2020/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2020/10/64564546546-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c75f4976ca76a63fd60b187185539f9ce0f26e16b3d3831f210f7de6ae6166

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38610
cf-polished
degrade=85, origSize=14328
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14011
cf-bgj
imgq:85,h2pri
last-modified
Thu, 22 Oct 2020 12:49:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcUOE1G7rwcl5YiRKdsBr%2Bt3EejHGLp%2B4AqzFCI3ifVp%2FApmNdRuhWobSlEcx98qEU2r8AvTTf96Wb0ktXetU%2FruxPaS1ByOH6BaIw9e%2B0Sz4sEv3%2BULKkayv4mnWspPrCkfqvWVS6H6WA47c8rP8gO7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89dfe3807-FRA
expires
Tue, 06 Feb 2024 22:37:34 GMT
earthquake-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/earthquake-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9068c7c9d4583f8a54bad7467f8fab1f4fa23610926abc0a28e3fb62c891238

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5782
cf-polished
degrade=85, origSize=24217
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22308
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 07:42:15 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2FZhrHZ2CNX5glpUQY4OqKQD%2FQz3yHBli70mIJKBGaiAkI7IR2zvJ8c67ocrlVbsJ4QfPE4o2DUUftEOQit3CN2vAUPSp9724tSCyBkt6vDsDfmUOuDNb3m%2BQGxrF3F4F6nJAwE5xZ1W2IUy%2BuhDRlBv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89dff3807-FRA
expires
Wed, 07 Feb 2024 07:43:03 GMT
metelmahey-1-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/metelmahey-1-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf7be0ed48f159ccd7cf9d116a316e8e990741d6902a53c33ebc511cb5314263

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40076
cf-polished
degrade=85, origSize=17492
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16443
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 22:13:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZv7tC4IkcXLwebIjslTzJzqjRk%2B0DRMV5ohjeBqFvjs0xNutDzRBLv4qsNgYFLY46hPNznrg960%2FxBCDY0CdApHRMZ9nUpOrjgCPLzma8VBUTKr5fKep7r0ko%2BJe1n2BsZXD8epqeoV8adJ9QjS2IaS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e013807-FRA
expires
Tue, 06 Feb 2024 22:14:28 GMT
Closing-JPG-13-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2022/11/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/11/Closing-JPG-13-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cff874c926c5c84caa14b6abcb50dc057b766bc858d0cdf98c72dddea7670000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
14380
cf-polished
degrade=85, origSize=34833
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14586
cf-bgj
imgq:85,h2pri
last-modified
Tue, 01 Nov 2022 12:48:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlH5GQHg8Uzw7qB414tlUUv7X1ijmjVuMHrXSUkq9KuH00gxE2oGg7w9hjGP4Tbn%2F3doNIhfB1c%2B8tD9I9fMWIZ1P3M01XJ47Opbp%2FTlPIRgk6dbnXxPbOmz0EVT8FOJNv4csGQOLKjj%2F239O2%2BKwgVN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e023807-FRA
expires
Wed, 07 Feb 2024 05:21:01 GMT
%D9%85%D9%82%D8%AF%D9%85%D8%A7%D8%AA-%D9%86%D8%B4%D8%B1%D8%A7%D8%AA-%D8%A7%D9%84%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1-%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D8%A6%D9%8A%D8%A9-2-4-306x184-2.jpeg
www.lebanonfiles.com/wp-content/uploads/2022/12/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/12/%D9%85%D9%82%D8%AF%D9%85%D8%A7%D8%AA-%D9%86%D8%B4%D8%B1%D8%A7%D8%AA-%D8%A7%D9%84%D8%A7%D8%AE%D8%A8%D8%A7%D8%B1-%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D8%A6%D9%8A%D8%A9-2-4-306x184-2.jpeg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec00992b822d8451b2ff5a68c2cfd69e9a4b3773e4386285bad10237b8c81ba9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
51078
cf-polished
degrade=85, origSize=9555
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9547
cf-bgj
imgq:85,h2pri
last-modified
Sun, 04 Dec 2022 20:25:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eokYbNbkI2pZfl%2BtjOIjBeSsa9Ycs8kqL8yUZT24ErB8MC5i%2F%2FgGAXfei%2F5S%2B2rlpPghxE9Jp5YVPBc5p7LpsR8qPsmBu0DRME6rZFkgapkff04Gn4YImf21I7MOblSMl2zL7dg5kq56k9tnghb772CB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e033807-FRA
expires
Tue, 06 Feb 2024 18:57:56 GMT
31-08-19-justice-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/01/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/01/31-08-19-justice-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca5059587704b07628a21a6d72f5e6569b3dfdd5b3f17ed4093e6eb58edf953a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
90645
cf-polished
degrade=85, origSize=9887
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9549
cf-bgj
imgq:85,h2pri
last-modified
Thu, 26 Jan 2023 20:29:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNstVoZgUBYQNgarlzIwdtUJ1Zdz04oxI0LY9RmNfOjwbHZbIdbP1qafh%2BkqXlfKCqL0h5QxZoAvCpPhDCkpzxkPc52l%2FZxKKnefn0IvziKyXvxjTO9f5t0CsPQfXht%2BXf2iZ9REquOsTi7UFQxamu6J"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e063807-FRA
expires
Tue, 06 Feb 2024 08:11:25 GMT
%D8%A7%D9%84%D8%A7%D8%B9%D8%AA%D8%AF%D8%A7%D9%84-%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2022/10/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/10/%D8%A7%D9%84%D8%A7%D8%B9%D8%AA%D8%AF%D8%A7%D9%84-%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02d1c775a4940118a6bf8b19653a2ebc8b2eb7a3e9d564b8715e86bf00f00c6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
degrade=85, origSize=19573
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18714
cf-bgj
imgq:85,h2pri
last-modified
Wed, 05 Oct 2022 04:41:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xa%2FyWThvGnO40AR3sL14wKxOJephDvtzutsSa47bY0pHCzr39tPIHtNIeI5U1DGJ2XJz4KcA63YaINGT6Up5iX%2FAhFVTUHSb3ye17hegVlaQ1fyxiPz5qH8m%2FKCgg7meFdT4gleNoDwxIhWDlBJoKobX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e073807-FRA
expires
Wed, 07 Feb 2024 09:19:57 GMT
%D9%86%D8%B2%D9%8A%D9%87-%D9%85%D8%AA%D9%89-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2022/06/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/06/%D9%86%D8%B2%D9%8A%D9%87-%D9%85%D8%AA%D9%89-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
231b283ead3f90a234eaf79c7838cdb1cc0bb099eb73f11d7eb11e88390b358d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
168
cf-polished
degrade=85, origSize=17932
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17044
cf-bgj
imgq:85,h2pri
last-modified
Thu, 02 Jun 2022 05:17:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJI%2BXQrMXCPiJXT1dU3swvwgRLdcugrLRifY2fUiYNxxVTK6zIFoWgQUPgXWI92fwHUfi%2FsYnkY5BwvgHu23TXwZoqliC8sUC7x9pdhDVhjnAxsMgmHtxo8ej4ZS%2BhN7DwPivW6%2FA%2FPtts7ZyP5H3ozj"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e083807-FRA
expires
Wed, 07 Feb 2024 09:19:36 GMT
%D8%A7%D9%84%D8%B3%D9%81%D8%A7%D8%B1%D8%A9-390x215.webp
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/%D8%A7%D9%84%D8%B3%D9%81%D8%A7%D8%B1%D8%A9-390x215.webp
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e7d31724466b220d9afd30fb0c1a26140f50c6d38cf4ff4e74922e133fb3033

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 09:14:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
352
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1W2wKUA8doNW%2F3AHiILAcS3d0rhEqJieDDBMbP4GSdAtNSxRbP5PMy3ny%2BsfLnrWVVdSpBLZczsMmmX86603w2%2BNLv7kNovYEKPdtgH7IuZYusQo0aUTXG0ahnvaTN52UblWmae3D%2BYwh7rED1QHAwO0"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
795b0fc89e0a3807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15762
itw-cache
MISS
Z6SiNFK1-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/Z6SiNFK1-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51a6dbd109b65b4ee7b503b468e13d62f0ef182b8b61fb93a22a70dcce6d8d9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
535
cf-polished
degrade=85, origSize=15786
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15456
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 09:05:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVMgKLk1m6TKrCctfwPiBCT2%2By5gHf6tESmcKMnMW3AIp%2Fa7T4F1kwPpf5uyGlnwmVYi%2FqwAwJLU8xM7PBu0igYVXKH%2FXjkqL09rgEPMV4BMtfJIYkzz014qRG1oK7wf1JyOnaEoDO84Nmt%2BpEMxKr7c"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e0b3807-FRA
expires
Wed, 07 Feb 2024 09:11:15 GMT
%D8%A7%D9%84%D9%8A%D8%A7%D8%B3-%D8%A7%D8%B3%D8%B7%D9%81%D8%A7%D9%86-405x215.jpeg
www.lebanonfiles.com/wp-content/uploads/2022/06/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/06/%D8%A7%D9%84%D9%8A%D8%A7%D8%B3-%D8%A7%D8%B3%D8%B7%D9%81%D8%A7%D9%86-405x215.jpeg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5826dfd6cfa395afeef006c72378d160e3125e04da8e6c7df65e414ce2d16d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
897
cf-polished
degrade=85, origSize=13939
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13379
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Jun 2022 07:04:03 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oTRSliVaZkPfGYl%2BLigV53St9LWc1AxT%2BIxLENTnqDDdk%2BETF6lOqNtx7QfhT8p6NdkGhKijQvpDyXvJHHnjBiKgujinJ0iD4QbYRKkMwuBTTW55FnLjH2ORqk4Ckj8%2Fl5AVxTciPMZsFwmLkn3u2cO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e0d3807-FRA
expires
Wed, 07 Feb 2024 09:06:30 GMT
%D9%82%D8%A7%D8%B3%D9%85-%D9%87%D8%A7%D8%B4%D9%85-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2020/10/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2020/10/%D9%82%D8%A7%D8%B3%D9%85-%D9%87%D8%A7%D8%B4%D9%85-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90ca2891057b011402be844b1a331c7da1ee1c44fd4db6855822f8046b7db97

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1095
cf-polished
degrade=85, origSize=12199
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11826
cf-bgj
imgq:85,h2pri
last-modified
Sat, 31 Oct 2020 12:04:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Cu1DSfYl5DBssRShQIo2csnDgVuFCPktp9WriAk3QE9Yu%2BAcxS6GkSpj3WdZEK0BdgUMYjZuzbtc8xLrO%2B6VLsSysIL90E5zHi4TyfP5OGA7GJBB6oS263E6xa9ec254CYgaZth5lIA4TQSVl4xNkes"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e0e3807-FRA
expires
Wed, 07 Feb 2024 09:04:00 GMT
h-4BRp7I-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/h-4BRp7I-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d49ac5e06c7c66881f5a3c1bba86782bbde16706d8219492719c70938fcbe444

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1275
cf-polished
degrade=85, origSize=32416
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29212
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 06:23:07 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8iorsLZKNfQJysQjYcdZoPW5exrKHiDUTPeFuyw3e7pHPAwDtcdxdZW2B5mOBXUWJCzSInLT4VT3aDEFIkZvewx4oEGJ0BBiEz2n01jbtyDDOmeBnk92R%2FJIcRoA%2BVRnIKPhWFyNiqbBX59f%2B4PjHRtm"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e0f3807-FRA
expires
Wed, 07 Feb 2024 06:24:20 GMT
%D8%A7%D8%AA%D8%AD%D8%A7%D8%AF-%D8%A7%D9%84%D9%86%D9%82%D9%84-%D8%A7%D9%84%D8%AC%D9%88%D9%8A-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/%D8%A7%D8%AA%D8%AD%D8%A7%D8%AF-%D8%A7%D9%84%D9%86%D9%82%D9%84-%D8%A7%D9%84%D8%AC%D9%88%D9%8A-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1f448f37cff9977a46f8e8986a806726b01f931c1164be424e1263999fd543c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1452
cf-polished
degrade=85, origSize=23057
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21752
cf-bgj
imgq:85,h2pri
last-modified
Fri, 03 Feb 2023 09:57:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U82Gh66v3bfhAELK6iFkuYqBYnkQkwONQT9ek7Zz%2FiYtcUBaPdVe91e5Z%2BL8eUdqOG8EXeJ8jgdTQKsyNYVSx1MhIpmMazo%2BEMLpNZWEVbmoYIsto4UY0%2FOv2SevZO9x0rKxkhJBbsLUwwEHLH1f8jAP"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e113807-FRA
expires
Wed, 07 Feb 2024 08:10:45 GMT
unnamed-4-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/unnamed-4-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e18c1fbec46eddabdf9044c632d2db5823df5485a539ca4bfecff2599efa3e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1802
cf-polished
degrade=85, origSize=29418
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24369
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 08:36:01 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvfZu0K4aV%2Fu9Fpnzz2UBpjs7VPbxcfrmhUfwx0MxOQ%2F%2F8BrwnOK9G4undUkgU%2FvA98hojp95iMFXcu8U3WiD7TkzYJ0a5MRM9pJ1S4%2BJpE9Cz0wvt7tXCN3rCbmIi4k29CF5vi9KTmnToDhM9ICEXyw"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e123807-FRA
expires
Wed, 07 Feb 2024 08:50:10 GMT
%D8%AD%D8%AF%D8%AB-%D9%81%D9%8A-%D9%85%D8%AB%D9%84-%D9%87%D8%B0%D8%A7-%D8%A7%D9%84%D9%8A%D9%88%D9%85-1-300x194.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/%D8%AD%D8%AF%D8%AB-%D9%81%D9%8A-%D9%85%D8%AB%D9%84-%D9%87%D8%B0%D8%A7-%D8%A7%D9%84%D9%8A%D9%88%D9%85-1-300x194.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
249024d8bdd95755684a12be868517e2a861b045106cf48fd2864b9cf835bed3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19157
cf-polished
degrade=85, origSize=16748
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15217
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 22:16:49 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fzw1GFGVJqeJ89EDJt70BeHAMmMvj%2BDsQKhL4O0A5I4QQitK0120UTSvEX%2BbT1NigjeAEQj0j0SqeGTSL8aH9CC3Hd%2BEpo7k5SRdhyoXH4JL2%2BNvm5IMhsueoeLwXMp8HYwS9EyevkI7P8nFNeX2RsA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e133807-FRA
expires
Wed, 07 Feb 2024 04:01:53 GMT
sou-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2020/03/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2020/03/sou-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f2e2b28e12f8253a1c62b4d37411656baea0c241a0d8e3f38ce0669ea8d189a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1275
cf-polished
degrade=85, origSize=17222
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16452
cf-bgj
imgq:85,h2pri
last-modified
Fri, 13 Mar 2020 21:48:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=za8u34qDOZ3%2BUHH0k2%2FxnKMKacy2lQ6Si5J0jvoO%2B2s%2BO%2BDJlEX5jn01989o5Ef5hJMqCY761nf3pGYIx56Qbf6Jqmfd0UQVmZWfG5YzhjKACkciC7nLUvogjPRNCYlgHtvUoN7ssuwXEaGm9raSgTmq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e143807-FRA
expires
Wed, 07 Feb 2024 08:59:20 GMT
thumbs_b_c_107643e011dd777eb0adc0cabd0d8c10-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/thumbs_b_c_107643e011dd777eb0adc0cabd0d8c10-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
759b4058b064804b687449891522206ffbc948bfe1c02aeb9d213b497215eb62

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1601
cf-polished
degrade=85, origSize=14153
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13189
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 08:25:37 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frJTYAcCITdaw1Rx5TS8wI5V4zIfcS4ntylRfDkV%2B1SZCJBIr99zJMbbqDVrGIcnyeOrE5HuXYiDCsY47UHI8Vghdb7pzw3RnRj3VPM7thq%2F5THz7DRQ56UMxQH5iMmbROgnQMnlLH4peQhrspvSZXPl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e153807-FRA
expires
Wed, 07 Feb 2024 08:27:13 GMT
ca1041de91d5d63ee58699738d09d343-306x184.png
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/ca1041de91d5d63ee58699738d09d343-306x184.png
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29164235a9db440ed1733b10d686718031b14a0b4d17928062a7cbff58dbe81e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3255
cf-polished
origSize=74577
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66942
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 08:21:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exbN19ikSVXR4nVbkcCyRtX%2FqoUZiiEbcxbPVslvlTxF5RLa6Bh1y%2BeYhwryZzSaTpPYaCHeoeFSwEXMcPrfKTKz0L%2FBPP8iwOx8h8nki%2BxTPcdGRO5pyzjf3LWH6aXl6DpSzooFKkoy%2BPLV4KM2w%2Fla"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e173807-FRA
expires
Wed, 07 Feb 2024 08:23:13 GMT
FoWXU2HXsAck0CY-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/FoWXU2HXsAck0CY-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d82dc347c62d06507e015d8a2f3ec90c55dae7e1fdab2eea68f71134ab0325e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3465
cf-polished
degrade=85, origSize=13222
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12511
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 08:10:00 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVxAevyH8ELhMvx6bWWw8gkLN2ZTE35WuBAZ0VlSq0IyIRZLbUYs%2Fss71jqhij3O8Y2SBwurLRMW%2BwPjJteSlMvSMKpuBo5SlaehuiLFYYZZrBiqlUwFa2hthw3jmLP0xhsjoEZ%2FUqutUm4hMFc8sRBa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e183807-FRA
expires
Wed, 07 Feb 2024 08:11:12 GMT
63e1f75742360457f24ef79d-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/63e1f75742360457f24ef79d-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed8766a2c2e43a06492830a44109c7811bae990c6c3be4c253103b450d9a5ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4171
cf-polished
degrade=85, origSize=12625
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12278
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 08:00:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOLyiEter6llxDwtyKREj5EBRx1PJQY9MVh%2FgqSUf%2BK0k9dRYGQMzYepDkZuBwKOSfcFu6XRHMPdSwtsdQIGZfWM2sFqUcSIxK5UGG9dyIsP4MBPC01jseX%2F7tsG1jCBKUGWA6d5cKiIeNV%2BR4hARcMl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e193807-FRA
expires
Wed, 07 Feb 2024 08:00:50 GMT
ben-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/ben-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c2f9ab5ecec8066bad4a82d2bb5193dbb23838c7cf890c487b4a3950897e7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8741
cf-polished
degrade=85, origSize=35224
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17621
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 06:52:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BsFt4VW0dkYEhRiQPHS2YYGbAeKowxHED4%2FumwxC9cq9OOe82M4kEYSvMtlWeTP7fukERySuM7ESlxUOiOG5XRUEvhgmlC1DUC7gHCBNtCyWMUR%2FlbwmPYJAbs2SmyESM31Z3oezIYF%2FvXmAgkiArDE"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e1b3807-FRA
expires
Wed, 07 Feb 2024 06:54:30 GMT
yasser-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/yasser-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1ba0dc0606aa61177afae63066bba5982ebf2b974ebe2845fc888b165528f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8789
cf-polished
degrade=85, origSize=29025
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11182
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 06:50:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FfoN31ErHkLfAgJmjU80TIRGklUCal9xHg71fYxUmCuixy%2BvFhupnwSIiiJ6fXLkGgHHejOugFM0VS93tl3QekjNsXo%2BrPA6oVQCBOzyY0XCJcDrykZsUXRFYwSakthVYjSx9u1PiCwuSJjbdDf6jLcT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e1c3807-FRA
expires
Wed, 07 Feb 2024 06:52:56 GMT
chris-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/chris-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8c4b33eaf2ca2eee4aee6d59ab0206cfbc2b4640707965c7daa538e0043543d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8970
cf-polished
degrade=85, origSize=30310
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12807
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 06:49:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjrhqdcS6Vl4mdd15lhGbc%2F%2BOCGhSzU8r3BOCVKumYBboO2i0LD735Zn2YQafU9JK9HlDOnGfupUM9iogLeQxGy%2FkZ8h2wcKC5CjqQVMWZbEDXbRjkPE7jijMiPjQHo8PQM9dYyVSJoNIC5ABC%2FOASUB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e1d3807-FRA
expires
Wed, 07 Feb 2024 06:51:29 GMT
arnold-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/arnold-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c655f9a691901e3ca5842f59833b6d82e26ff4ccbd0388d45b4350e80f43299

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8970
cf-polished
degrade=85, origSize=23238
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8808
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 06:48:49 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SQYCa9x7rFOYkfC%2BQhP7asxGKLdg8NdvQPYzy9aEdbOoPw56voOc7rOn1Hs5SjiICiUsu63XHwVyZcqaBPFqGtCReD3fWqQggaSyLnt8kIIAwKrk46D7X31bFKy4jzCtumrWVwugT%2FK3Sud8X7VMylh9"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e203807-FRA
expires
Wed, 07 Feb 2024 06:51:29 GMT
%D8%A7%D8%B5%D8%A7%D9%84%D8%A9-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2022/01/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/01/%D8%A7%D8%B5%D8%A7%D9%84%D8%A9-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3afad25af29a994937e27cc69012b883d167810e96ced87d1f995f927654b775

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
79505
cf-polished
degrade=85, origSize=9994
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9617
cf-bgj
imgq:85,h2pri
last-modified
Fri, 28 Jan 2022 06:33:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dtVGhVEwXTkqx7uS%2Bw%2BFTDzehr7L5gZLz0Q1IPn2WgRPEuqDRHbcLAECnE6ujxQ7gYSZOSKorPB5WQ5pjh6jiW7hHjAlEBeEbFd3eDjvQXSW9cB8GtO61YBrc6LXhpPdtshHpGWOlVHb8BgyIDSb2Bi"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e213807-FRA
expires
Tue, 06 Feb 2024 07:16:27 GMT
580-2-405x215.jpg
www.lebanonfiles.com/wp-content/uploads/2020/03/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2020/03/580-2-405x215.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2d94f02e891bad9d1cad8f4df600469470386af7c8ad7a4742d15d45f582845

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3992
cf-polished
degrade=85, origSize=11188
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10927
cf-bgj
imgq:85,h2pri
last-modified
Tue, 10 Mar 2020 08:12:29 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzEB2uoJV8kREsgKzaDmUjXWzGJAwbw5sskPEcnSwo9B%2BB33yv6uAMD08R6qH4V6V5TKcdvNA7t6OOiSUI8RSF0njsZpGro1FyspPv4wrruOYP4oti%2BLpiBHSN9q0UIDLmK1Y8ifqG8QADMPEe0X8Q%2B3"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e233807-FRA
expires
Wed, 07 Feb 2024 05:44:35 GMT
dollars-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2022/08/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/08/dollars-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d190ac2c8bf5b15df41215dd916719eb9a4b514c1756a2e8aa8992efad0826f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
141810
cf-polished
degrade=85, origSize=11562
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11056
cf-bgj
imgq:85,h2pri
last-modified
Thu, 11 Aug 2022 16:56:58 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O89vw0OlNqKDPrlXaR5ahHqtw2hhWKqk0H6cNCN8bGfjbpYivw0Fl2pFink1R%2F7nJnipnDDbsukXo0uxjzRU%2BiJc1%2BSr0ypCzeL7TIGSUTzBeAHUYgG4NrCyLMTZUWYKIPEG7SOVlxJvB3NYYvnGcIKv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e243807-FRA
expires
Mon, 05 Feb 2024 12:31:12 GMT
%D8%A3%D8%B3%D8%B9%D8%A7%D8%B1-%D8%A7%D9%84%D9%85%D8%AD%D8%B1%D9%88%D9%82%D8%A7%D8%AA-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2022/02/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/02/%D8%A3%D8%B3%D8%B9%D8%A7%D8%B1-%D8%A7%D9%84%D9%85%D8%AD%D8%B1%D9%88%D9%82%D8%A7%D8%AA-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d929a0d22c927917c4e6dfb26374c496c48502cb148ee958bbf627bb8d3d529a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5003
cf-polished
degrade=85, origSize=14007
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13534
cf-bgj
imgq:85,h2pri
last-modified
Tue, 22 Feb 2022 21:45:47 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQpdtbzIPDZ6uM59%2FGIkI4j1K1ApbEzgezKNXZXdx6gvMYNEb60IKRFR%2Bcxw55O8ROiZU%2B6vHBMAJlM0ha3UOOm%2FZsA7DDAy29q6%2BJiwhiz1oL%2FPEV%2B56Mhyx8YefU%2FGB%2BLz2PvLAz4l5mTQtuucJg8L"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e253807-FRA
expires
Wed, 07 Feb 2024 07:31:33 GMT
masleb-306x184.jpeg
www.lebanonfiles.com/wp-content/uploads/2020/05/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2020/05/masleb-306x184.jpeg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5fab74c157e8c87b1ec3c65b541cd919a7702624611dfc98063c1fa7efc12ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6892
cf-polished
degrade=85, origSize=16164
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15788
cf-bgj
imgq:85,h2pri
last-modified
Tue, 19 May 2020 04:43:10 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHZRYg6%2FnlKs0XNP7lIR4MzdmtyuJek%2F%2FkNNGrpCabdkGcCIP8iIfPtybkiCpE3I039eM2DsSWEdOvH%2B6KH69wiaYLqEtyfUPQljiRtROKkGRCL8TB3qBHs%2B03WKyBy5lWHkH6qlkEjduufd6W2L9NGF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e263807-FRA
expires
Wed, 07 Feb 2024 06:38:53 GMT
659681-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/659681-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d42509eba449991fcd875258d4de5caaf6260c3d790df4d29848f73b9352a80

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10099
cf-polished
degrade=85, origSize=11295
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9497
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 05:58:08 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D96wYPwCpLNRMmELMAGqFOkPHeyFeI2FOEi%2BX%2BNuVodzRIF%2B%2BUGdHMBZbopqgo5zHsaiwghNCbuMRDIpkgbslLJQucuqGtrnGg4qKD11Yg5kzmTa8D6NtqeZXTXiceoRIRCVdhe7ur0t%2BYex1viwkCNN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e273807-FRA
expires
Wed, 07 Feb 2024 06:00:10 GMT
earth123-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/earth123-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
667134035ddf39a2515c0d2e380d73c3367de517f6355287a95c052813128ce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
78037
cf-polished
degrade=85, origSize=15270
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13865
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 11:40:55 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeDyD647ylHXVJ8P4IPzw23ySCsq0L52JFfN1jfvgW6eAJqkJJNJTcm8epuwSaWw1uYPioFgwrQf6bzMzABaIQMl1WEnMwA40jgS%2BYwFh54GzJozji%2Bd%2B4RqJ83EYk84Ph65jIQ528To503Igt1QgrDe"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e283807-FRA
expires
Tue, 06 Feb 2024 11:41:27 GMT
3242790-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/3242790-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45b96e594b1e19133c1035d8ddf90ff8f80180af6ebda0a431429a9577e35b6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
97971
cf-polished
degrade=85, origSize=11102
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10589
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 06:07:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HB%2BwfBHseoywI4r9EhmZFyF67y7n7jr0lJXXxLh0W3cqKCCAiSDXGrwcKXdcMUkVhBk34hOo5Biewprm%2BCMSnQVuyW0g2vKlwaWxETiSotkdp7BVt%2Bsn10F7OL6n80PyaaxkTPI1XrE9olIohLns1sho"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e2a3807-FRA
expires
Tue, 06 Feb 2024 06:08:20 GMT
zelzel-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/zelzel-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed051e79f68066d1678e3885ca592b3a3d6ff522a51a3240e8e993adb1bb1196

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32253
cf-polished
degrade=85, origSize=13483
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12602
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 09:51:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w4BOxJUkKZL%2BoG0bmgwsrLVot1NxmlJTG5WGEV5DbmdAU4n6wimA2hGATcYoObYMPpo5nd0oq6BJrSxRrN%2FzIEb6N4DU%2BuXUC7pMm50vIksJ2iL1lijxHKTW%2FqD2s8VGQk66x8Uh2FhVTVznWcGmUSji"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e2e3807-FRA
expires
Wed, 07 Feb 2024 00:22:27 GMT
145225_t-306x184.png
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/145225_t-306x184.png
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eba417583e78e816deeb933f8f6d0b629894d4eaba5d4bb2d9af31214eb9329

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103759
cf-polished
origSize=119721
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
106668
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 04:21:17 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iw1SRPODMdv%2FAXrjtWPRDuFs2RcNOKJ2sAGPbmLkmX11D6vfme69rj4Lez7eU5hymkUA7nEv4c6XB8nodqhokEHXfEHaJEhXqPpNOExRpuumYaCtt9PYVEn%2BxhJN5zzGYQZ9gEIQgcE2hIf5FlziTwWS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e303807-FRA
expires
Tue, 06 Feb 2024 04:21:57 GMT
10-01-20-stormmm-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2020/01/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2020/01/10-01-20-stormmm-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e0ec5d38a9c776baabb7575c2a06f05fc9b5ab412736c911c6c1ee827302b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86054
cf-polished
degrade=85, origSize=14354
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12876
cf-bgj
imgq:85,h2pri
last-modified
Fri, 31 Jan 2020 23:52:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Le6G6c71bP8BvHg1YtmY1%2B0ln9G%2BYueUsrhhl4wCbSkIZG9IX1GygKA7uhE3Y2a5P2yMAHFHGcUK0XuhIABjHKLXQD%2BDOEwHWjNGk9Ie8FsvBHhWzBDBkpj2z6hENxULLs0VQjCqYLNSYZxIWdkR%2FrWS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e313807-FRA
expires
Tue, 06 Feb 2024 09:27:26 GMT
zzxvvvvvvvv-306x184.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/zzxvvvvvvvv-306x184.jpg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ecc166c436d8396527853910d2bd1f042f134209b4e3b0526dd66b67ed8c0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
87317
cf-polished
degrade=85, origSize=7538
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7463
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Feb 2023 09:06:09 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96DZk%2Fz9xyJkf2A5ssSVVmc3BfQWYkvBbHqMUCZwBDEyFNundLuGUfF4mJBvkdLh3QJ9zo7UhnleLO5UuFWuV2ixKM9JaS8aOQBrINh5qMITOacsVj9qIx8aemrHC8ijTX7DiGp%2Fpt1EfPWKpPtsvuQ1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fc89e333807-FRA
expires
Tue, 06 Feb 2024 09:06:29 GMT
bundle.js
tpx.tesseradigital.com/dist/ 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpx.tesseradigital.com/dist/bundle.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.157.179.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
639971c135079e20535fc0216305f587e163a58c52d447f7fbf52a9762b8cad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
server
nginx
etag
"6fcd23f9ce17f27a58aced80bcb0b160e477d44e"
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
26906
lazyload.min.js
www.lebanonfiles.com/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 31 Jan 2020 14:10:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNmZl5pbExlfFgAxQG2JsAxuOnikgMR%2Bpcd4Hob5eGPCYefh5wH15VoEBiXiyYEBURmHVR1TLZsJhzNsg5wY0T7JQwrraaCMXXJE2gS1UB%2FK3MAnQ5J2HM3R%2FlDZcuHokTYj%2FK1zVdCrkqlCHU9WECqP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8de953807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 19 Dec 2023 02:02:56 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1674
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
795b0fc97e11907c-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 10 Feb 2023 09:22:32 GMT
lebanonfiles.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/ 		42 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/lebanonfiles.js?ver=12.2.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78797b518e0df3bfe55a1edfca1a70d0009ab6d210aa1f46097bccf11343c84b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jun 2022 19:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wm2hSjrn2t%2BmNcid3TYdGYUeeSRNWrD9OqacgV9QYOkORG5pYqhtQBfSCAL1aGlmrRo5hlVKnyw3RQCNIhV%2FOJDOGoPk7zFQx5ULBHjBt%2F8ApGx4PcpvKf0uNEKNQDUUEyKuRxs3DjWKmBemBBlrdcAl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8de993807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 25 Jan 2024 01:30:24 GMT
simplebar.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/simplebar/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/simplebar/simplebar.min.js?ver=1.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5be5b6e3ff509bba2f9ee8a7dd4ebfd8016d1a0b2f085d980df240b10d25bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgXh5ObVN1QTyFs8hQe34mVlra7WHoohYWM%2F2e0ePNtLPFcfes6RTVI8ABySfRdQgzxlFvOfH8NQSTED6HKetJlYJhTr58QQzL1%2B6S965%2B0LVTBfc1IlVsMDH72JFKDuEdNvNef%2FBvUE%2FcQjNMTb8x%2Fc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8de9c3807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 21 Dec 2023 18:21:40 GMT
slick.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/slick.min.js?ver=1.8.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jq0V8kUMUCpqNwyw%2FAD7EzNvoVqF2UnhCGew1MEE5Y6TYEMkjkP0XoY%2B%2BAulW%2FVagmG0fOR7uM8ebHgWneXWXIiomXQxKKyewVhFLICzWEGO24nHNe1rA1bYknyDKpgSz9Xn7v5Bxp4Vf41J20XMdWZd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8de9e3807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 26 Jan 2024 22:38:33 GMT
api.js
www.google.com/recaptcha/ 		919 B
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
76567080aa1deab06195ce67c4f5d97e52d52a0abc0a35c13ff8dca31e78194c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
578
x-xss-protection
1; mode=block
expires
Tue, 07 Feb 2023 09:22:32 GMT
index.js
www.lebanonfiles.com/wp-content/plugins/contact-form-7/includes/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.2
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32dd00604df8db3415240d450341558b6827b1e02dc0f211d8a6d9a4287c522e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 20 Aug 2022 18:20:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrhIadYLYE1AcL0OErJlFB4yRpzIUkZjJLrt4Y1YmHDxQ9p93FF6wmtwzgahQxP3G%2Bosofo%2FecZJRVMpTAse7PTCDo39KKwTUjs0pQGmwAb%2FiHdBggMJdDx%2BXUaQriNNVtwu99dOL4p2kY1NrA5%2BPg3v"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8de9f3807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 19 Jan 2024 20:09:30 GMT
wp-polyfill.min.js
www.lebanonfiles.com/wp-includes/js/dist/vendor/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jun 2022 19:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLbXSLQO6w%2BArIk4CVDeqZWXRDsALuvfmdguBStq8hNVohSRaYWPLXtghsft%2BRYRHpCKouwCmIvrSIuwtKgDsQ0smqQYUVcBCVY4sqldaD1laRaUWWB%2B5UhQB2dzGDoxo79J5SYhH711HBuC%2FlVxC4ew"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8dea13807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 19 Dec 2023 02:02:56 GMT
regenerator-runtime.min.js
www.lebanonfiles.com/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jun 2022 19:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bo1kCD8F4XjmblCDLO0PJPOtLFrF95gtQk%2Bzc398%2FlsiYSSm5hSrwPUX7L1bbaUxsMu0qDwdJPGi9S4Uo26iZhYjqL3zxZ3ye6gH%2BhuCerhQefUL1qPyItLrqTkFeyQlOPbczbeFyLtBvr9eZWxVkyy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8dea33807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 19 Dec 2023 02:02:56 GMT
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
52.216.240.78 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:33 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
FRPVA0KPJ6WS3MBR
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
8GYk2jDIcYeaKVhMJp3kbS3lQ1B4qozJ9ZTefHW+DIayCNcOTx/Cb5K1YvHhBrG4blxTtWS9T0Y=
sdk.js
connect.facebook.net/ar_AR/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ar_AR/sdk.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c6dfed41b5a97b169e9f894e4a15831d16f2236e17aaa872077977d904442357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.lebanonfiles.com/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Feb 2023 09:22:32 GMT
content-md5
YYog3Fjfa2bGl09brxj5iw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
lxHxJyoDs2WYy5GxWRvLI2SOGZNUn54+oIA6ditjgkSj3VxQHgS366Dx8soOVv8mHx6Q0ikC7Wg0a8qEGmqJnw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
917726464
x-fb-content-md5
617594774ec64cdbcead736c7efda0e5
cross-origin-opener-policy
same-origin-allow-popups
etag
"d47f5fc3a0cc82bcea31a3ef40eeaf99"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 07 Feb 2023 09:29:24 GMT
RV0UR9OI.js
cdn.insurads.com/bootstrap/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/bootstrap/RV0UR9OI.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
6d3e8aa04471ca235093290325bcf511af7c9ced7cccfc2ee6d6ed2a2198fe0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
gzip
cdn-edgestorageid
1055
x-amz-request-id
00XEW125DEWPY9BM
cdn-cachedat
11/15/2022 11:35:57
cdn-pullzone
55316
x-amz-id-2
Zr0wvwAr4cG7xlGrWV4xpuXLhm6bUBgkITY0QallTUrUJxMk3CK3bVUNgZ1BlvJ1Xn9oBPG9LTE=
last-modified
Thu, 14 Jul 2022 10:18:39 GMT
server
BunnyCDN-DE1-1055
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"0f37fbdf419c5bd29bb16eea13de75ae"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=86400, s-maxage=604800
cdn-requestid
e208f8e4457dbeeecca1f02caeafc9ca
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
eb04c7fa-27fb-4c61-8600-c39fc91d7ce2.min.js
cmp.optad360.io/items/ 		497 B
997 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cmp.optad360.io/items/eb04c7fa-27fb-4c61-8600-c39fc91d7ce2.min.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
2600:9000:2138:e400:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 06 Feb 2023 18:45:30 GMT
Via
1.1 f227d65e557c0035788e7808ccccd7d8.cloudfront.net (CloudFront)
Last-Modified
Mon, 12 Apr 2021 08:54:56 GMT
Server
AmazonS3
X-Amz-Cf-Pop
NRT12-C2
Age
52685
ETag
"7acdc116a0830ba0aef5e087010246ba"
Vary
Accept-Encoding
X-Cache
Error from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
497
X-Amz-Cf-Id
5H3HbHPBJ4foU91qycJ6gAAYk1PEj81jjY5CcvW92zB_FVxDLrITlA==
plugin.min.js
get.optad360.io/sf/8b2de328-d178-47b2-bc5e-74cf6a08de97/ 		264 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://get.optad360.io/sf/8b2de328-d178-47b2-bc5e-74cf6a08de97/plugin.min.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
2600:9000:206f:dc00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f24bfec3e4bb65273c40c30a79a9f414b56f5e099a9b6909cfe3c55665defba

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 13:18:52 GMT
Content-Encoding
gzip
Via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
Last-Modified
Fri, 20 Jan 2023 13:12:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
Age
331421
ETag
W/"735f38fd4a4ebe6533729fb3e089234a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
public, max-age=604800
Connection
keep-alive
X-Amz-Cf-Id
HeYt3k0HqOaDa6B41u6WQSuJYbWqk1MdBRmSq270pKbS30oxCDgnyw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
148a28237ff2f62dd9e5a80c484fd6c542327f720716834c565bbbae08be8e17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27221
x-xss-protection
0
server
sffe
etag
"1475 / 285 of 1000 / last-modified: 1675724876"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Feb 2023 09:22:32 GMT
sa-script.js
cdn.bidder.dev/clients/21894097782/lebanonfiles/ 		165 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.bidder.dev/clients/21894097782/lebanonfiles/sa-script.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.69.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.69.96.34.bc.googleusercontent.com
Software
/
Resource Hash
4b72b85b9d16b8c10a1f33b857ba56470a568cf4c0b619fe8479c65ac221b656

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:28:24 GMT
content-encoding
gzip
via
1.1 google
age
3248
etag
COzB5MT69fcCEAE=
content-type
application/javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48920
lebanonfiles.com.js
htagpa.tech/c/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://htagpa.tech/c/lebanonfiles.com.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
228f611eb28a75360b3966c50617de0e0a9436cf1316ef1e8c319b3ef8f7696f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:32 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BCKG44YRNBJ7YJ74
Age
4698
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2645
x-amz-id-2
qJXfADYDD+qtmCzYPXzGrXOo8BDUc/SNRaRbELRqatBK1ombeiaQZ/cdwq8XykyakaG1EgJ/eDo=
Last-Modified
Wed, 01 Feb 2023 10:54:01 GMT
Server
cloudflare
ETag
"b450c939fed4e797351f71628e90b6b4"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5N4YtGdJYZULiuiUuFKdqx%2Fs%2FssD28rG9DHya4H4xPfxvXbRujx%2BEYMklWt2u%2B0391zniVnuP40QSMtam4eDR7%2BmVxmUCXSqB93R0a3zgzd4zhHBh9wmMYm%2FH4%2F7vWr0pXEgC5RnT9q5Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
795b0fc93d969193-FRA
gtm-943bffadb016293d1cf74b6dfb8d76ae.js
www.lebanonfiles.com/wp-content/cache/busting/1/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/cache/busting/1/gtm-943bffadb016293d1cf74b6dfb8d76ae.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400c031b3f3f33060b58a001393f6929ca5805005e2c600c2226390786bdec3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Jan 2023 18:03:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKWCAt7R%2FB2t819L55aCK0jH6VBKZ5Rk03FHShWlAiZ%2BiN3wEYAmObJ0Z1KgYqkIlD%2BwhaBJQFWp4bFYe7A7kTqPSjm2rTisM%2B4oU8qc1vJpxQBiSlhwHydCU%2B%2Bbqf4fcOFmCAOi20aw4Ot%2BBV%2Bk1iOD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8dea43807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 02 Jan 2024 18:03:37 GMT
lebanonfiles_11820.js
ads.vidoomy.com/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.vidoomy.com/lebanonfiles_11820.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.19.54.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-19-54-139.us-east-2.compute.amazonaws.com
Software
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33 / PHP/7.0.33
Resource Hash
2b70bc8468e35f8a98bf9f6aebd2f5a230fcc4b20bc726416e1eefba099d5689

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:32 GMT
Server
Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By
PHP/7.0.33
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
4997
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c33fa27b9c334a397d02386be6f4ac322a58b24ab72c8dcec7df466526d7b72f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50187
x-xss-protection
0
server
cafe
etag
2332344072824346445
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 07 Feb 2023 09:22:32 GMT
swiper.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/ 		136 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/swiper.min.js?ver=6.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 02 Mar 2020 09:09:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoJ%2BpdjIbRcq11DH8qA7wzImRSC89QA54M6VO9odOx69Z%2BzqbQbYgiKPs%2BTl0zlbwD%2FBi0Mxz%2B6ufd8%2BmT6SBCZ4tRqG9q0UAf6Pml0jo9nET337wWr6rh5hU6GpEWcmDdrLtdk2w6K7Sc7FW6WnrS8H"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8dea63807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 29 Oct 2023 02:51:03 GMT
iscroll.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/iscroll/ 		49 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/iscroll/iscroll.js?ver=6.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ba5939372549192a9866bf2c9d828e9c7f16487c080a5339b2355601fd292c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cCl6WiOVwc2CEvNqqmrrCD0RJUswBEQjbZfGYlO55qyCiow1esBuyOWqdLYLxIEkplBXVkcELLtHbFihOc0avwM%2F7wQJiGVSs0pYZBVoiAfsgIsDJ7Dm0%2F8mptdZjOQYBLLTJ1KVr6bUXjxdSAo0kKY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8dea73807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 19 Jan 2024 22:19:22 GMT
jscroll.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/jscroll/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/jscroll/jscroll.js?ver=6.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca296812f114107fa083d5231d83f2f12264be3f0fddf1e270b41f849fbfa8be

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 Jan 2020 10:33:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVIH9RBcBcKbN%2BR90YEGX9w63q%2B2Ss5o9SE64QId3J%2BLvI6Z2kqke9QmAu%2BQ63rqIdsI8%2BV3%2BDjndApv2WECjV5mxIGW6Rxrm7p8WqY1FpEYjvDVEVcXzBHGpUpr84klNO8O105v0KqOY%2BjZ0gcmw5l7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8deaa3807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 26 Jan 2024 23:03:47 GMT
plyr.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/plyrJs/ 		117 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/plyrJs/plyr.min.js?ver=6.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d4e557fae260566d3a44d3b94eb31158760bf12fb0b8b3d0359b78a3110fb52

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Jul 2021 08:55:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQBuZV7FN0v2tVg3dlPK%2Ff0M%2Bu1MIvV9S1cfbqKZ1Z3nYFOGEa7srj6IQPanNXdx7yp9j81qE%2BDFx%2BMDo%2BJ8pAYD06B4bjf47mCVAChGaS%2FYBszvpAEwE87cpf4dICyZVCwyhYLKe3xAMx2ITJK3C%2FkO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8deab3807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
anime.min.js
www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/js/anime.min.js?ver=6.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7813f21ffc8ab5a9c4808a33cae9e6234b4ab3b14245a8900bdd62879642077c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Mar 2020 10:08:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4v5gmq5LubrSxAVuUp4JsWmtgU74XrRrXMW1idNTuxTcchOzy6U%2FZ7Uis6YOKqNNqFDJTGPdBSbIlFsGEOFQ4PIsfEO5cBbZUdlItYqtFtOrEzKJw9jCCdpqcNGmFQO88lh5XhHwNcyU9zZZDF8J6e%2BR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8dead3807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 19 Dec 2023 02:02:56 GMT
triangle-mena-news-coverage-public.js
www.lebanonfiles.com/wp-content/plugins/triangle-mena-news-coverage/public/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/plugins/triangle-mena-news-coverage/public/js/triangle-mena-news-coverage-public.js?ver=1.3.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7efd359cd7418393a4a48a1bdc760a0ca0562da42bbe89b8cb48cab89225a471

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 Mar 2020 10:08:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2tT%2BgElw7VL1ze1aziJKSHoP%2FQgtiNoxzYbHGV0s2vZaq07Y6Umc9i4jm%2BCkPnU4127NWpSPtOdi5mXR1QDA6cRnmMdzXTsbh39RTipeToSJqppZ%2B5en6j5Z6dDn0f31tKgDRbzV%2BHH2DcNgfWoXaGJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8deae3807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 25 Jan 2024 22:49:48 GMT
jquery-migrate.min.js
www.lebanonfiles.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jun 2022 19:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ys4X%2BYnHeJEsEdEoLkpvRSnPcREIM4PCFC1YwoX9LKreMDzP617Btzl1gx1129GJSP6jHOa5iVVgniYDERi6dMetxzfafi4qjdDhGwaBW38vEuhSqYN%2Bd2aeflAu7NyaAQimErNnIaLAt0XcyQyzlH0m"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8deb13807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 19 Dec 2023 02:02:56 GMT
jquery.min.js
www.lebanonfiles.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 23 Jun 2022 19:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539578
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8M4nPCvQr64M2r4qYzC1mCnoNi%2FL9Z6S%2F0aJDo4EJY11yBpzC91i1AGQwaRJRqbBjlEyERUHZM4P%2BsP21Omxb9HLuHbdXuOb8ZQ%2F2bTrVLBBJb6uvfC2yyJ98q%2Bzw8%2BqsYJo4KfGhsc8Hc4vTHfcupk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fc8deb23807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 15 Sep 2023 05:33:03 GMT
invisible.js
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame FD2D 		35 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675756800
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07b6f1cd5cb30e9f17a75d91454b63803a6cbab1f543c4227a7cc915bbe18ec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NV%2BYbd2zEwqk6F8nPMDMUgbmGUQ%2Bdx9OgiBlmHCOSdqLgjNp2ZIB8%2FVgmO%2BpkWVYjOeNnNZ4fiaMiuiraw2YTj3dRbxMuhoBvJGyHkkkeAnk1f3LysWNlNZ79UdMRo1r3IljnmYdIJQbICBZeC0p7MeN"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, public
Connection
keep-alive
x-control-type-options
nosniff
CF-RAY
795b0fc8ee5492a7-FRA
Server-Timing
cf-q-config;dur=6.0000002122251e-06
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame FD2D 		19 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edfba941a872463aca82203db9987aa2e489d1ee92657cf78f1da36b2446f723

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGCzodnMzExihkox4nC3WyoEeTosGdi20dsVllivN19r73vPrp2AxWbFoY%2FxZmNNJI7Y%2BTV9wPSvPm7jrSDmpXg2DLh3fMEtXYPUKbfolKZQNYbqCEp2sDxYKHc5J9RorN70k4bKEpfu3c%2BnRzYJhg9S"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, public
Connection
keep-alive
x-control-type-options
nosniff
CF-RAY
795b0fc95e8f92a7-FRA
Server-Timing
cf-q-config;dur=4.9999998736894e-06
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
795b0fc5ac2692a7
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame FD2D 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/cv/result/795b0fc5ac2692a7
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675756800
Protocol
HTTP/1.1
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Feb 2023 09:22:32 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xp7MxHFEnlhbRC1KpiDIwoz1huh5XY9IXKnskzI4suSAMFnLmgVdfw%2FLlomy4xJoLfkk%2FSZb8i1OJsnjxCKL8zHK87itfwmku7F4TdFR6aSoO0vYHQTQOVK0lG2wKj6QyPq17oHai3TPxkhkBNcVYrwQ"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
Server-Timing
cf-q-config;dur=7.0000005507609e-06
CF-RAY
795b0fcb788692a7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:17:39 GMT
content-encoding
gzip
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
x-iplb-request-id
50FF0767:8218_2E69C9F0:0050_63E21858_24356:2707A
etag
W/"-375139978"
x-iplb-instance
40744
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
x-cdn-pop
sbg
accept-ranges
bytes
content-length
4547
x-request-id
540151900
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/ 		361 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b6d189571412e764d6e55d658851c1a342e064b73867afdce05834347adb84b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121333
x-xss-protection
0
server
cafe
etag
8729796676803515396
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 07 Feb 2023 09:22:32 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/ Frame 05F5 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230202/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
20704
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 03:37:29 GMT
etag
10353107486223812946
expires
Tue, 21 Feb 2023 03:37:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
formats.js
ad.lkqd.net/vpaid/ Frame 8CFF 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1675761753.cds151.fr8.hn,1675761753.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
formats.js
ad.lkqd.net/vpaid/ Frame 0E52 		118 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/formats.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
gzip
last-modified
Fri, 11 Dec 2020 00:09:23 GMT
etag
"286704660baa2c113268f28385080796"
x-hw
1675761753.cds151.fr8.hn,1675761753.cds289.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
35765
auto-user-sync
ads.stickyadstv.com/ 		43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:33 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1675761753567010-371
Expires
Tue, 07 Feb 2023 09:22:33 GMT
projectagora.min.js
aghtag.tech/libs/ 		301 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://aghtag.tech/libs/projectagora.min.js
Requested by
Host: htagpa.tech
URL: http://htagpa.tech/c/lebanonfiles.com.js
Protocol
HTTP/1.1
Server
2606:4700:3030::6815:1b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1554993bfd6558071bd0f007fbc97c32c540ad0339cdda7a274740b4b214ea7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:33 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KPSHRB6M4G1PTK8M
Age
3631
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
90328
x-amz-id-2
6S2p1PohnloyQDdxL554AEVLqYwiKfMIatc3vsy9b/QFRbSmGTVnkt+efvd4ADM4kbdiTiqFs7A=
Last-Modified
Mon, 23 Jan 2023 12:53:55 GMT
Server
cloudflare
ETag
"2c3fecba794ee3a60bb8d2e93da739a4"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIoivNaKABab62bhG7Mh5fRZQyqNCy6ODzDf1z6QpA1REVs7eHSJ%2Fg9O23vb25nHIwx%2FWluQ%2F39vg5L%2BDiXhdncZWjy0fjCj78daahRjmqIJWz4I%2FyntncpfsdWzu%2FzwWGjruHnO7ZGGJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
CF-RAY
795b0fcc7ebb91e3-FRA
floors
api.floors.dev/sgw/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
http://www.lebanonfiles.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Tue, 07 Feb 2023 09:22:33 GMT
expires
0
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
4.23.0.js
cdn.jsdelivr.net/gh/bidder-dev/prebid@master/ 		359 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Requested by
Host: cdn.bidder.dev
URL: https://cdn.bidder.dev/clients/21894097782/lebanonfiles/sa-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d56f50130039a9148a433fef8b688032afbfda0e6cf590594546913434e068e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3923
x-jsd-version
master
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19142-FRA, cache-yyz4527-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"59a64-U8CHrkDcnv5SfhljaVI67CWLEA0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mR%2B7ddzff%2Fq%2BgPNDtmwLFmobYeeV%2FVJ%2BElzRW2AJDwLGR4ch8%2Flw4%2F%2BijrCtAXJq8JKZhv2B3q8RkQhtFTgw5aOKzzmqyraPll5ENPSeg5AyF469wTzKmLhxluUjit2nmaKGZgAPNNfXkv78TaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
795b0fccce6c2c63-FRA
floors
api.floors.dev/sgw/v1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.floors.dev/sgw/v1/floors
Requested by
Host: cdn.bidder.dev
URL: https://cdn.bidder.dev/clients/21894097782/lebanonfiles/sa-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.128.112 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
112.128.160.34.bc.googleusercontent.com
Software
/
Resource Hash
0dd780e74ea7f7965574c0188ce56ad267cc1c7baec2c5b99db468769d40eff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
x-api-key
ab4375d6-5074-4f75-8bc8-1019cf85d964
content-type
application/json

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:33 GMT
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3780f318d0ccb31946a0772917be4aef32b284013e06db2dd09a5f87c3ad902f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27220
x-xss-protection
0
server
sffe
etag
"1475 / 39 of 1000 / last-modified: 1675724802"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 07 Feb 2023 09:22:33 GMT
tag.js
t.effectivemeasure.net/ 		0
0
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G4EQ7NKTZM&l=dataLayer&cx=c
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/cache/busting/1/gtm-943bffadb016293d1cf74b6dfb8d76ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
33d4735efdb9bca9441bba723cf37695228022df7300cabd420dedca99181b5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77621
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 07 Feb 2023 09:22:33 GMT
ga-fda30e8a22c9bcd954fd8d0fadd0e77c.js
www.lebanonfiles.com/wp-content/cache/busting/google-tracking/ 		49 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lebanonfiles.com/wp-content/cache/busting/google-tracking/ga-fda30e8a22c9bcd954fd8d0fadd0e77c.js
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/cache/busting/1/gtm-943bffadb016293d1cf74b6dfb8d76ae.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Jan 2023 11:35:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
539577
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXjCodgFr3p2%2BB%2FQsDO3eYQesmS%2BeQ8zyw6zki8suq2l5FeAHGsrgbN0lwu%2B39p2rCHRbloFKhwdCaNiR7uLvJKYyrAPQrCRr8XUb7ixoOCu2gh%2Ffc%2F1KbBb1rkF2%2B5RPqrc7gs3zLvshyVhrNvZgIZ1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
795b0fcc5b133807-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 26 Jan 2024 04:23:43 GMT
pubads_impl_2023020601.js
securepubads.g.doubleclick.net/gpt/ 		386 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9391ee65f6343d19726ddc38563462d51b4694f1b5c961fce6035cfd861e77c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:13:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
528
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133115
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 09:36:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 07 Feb 2024 09:13:45 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		3 KB
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.lebanonfiles.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0c1eced8657208f92c1d2f51f21806313adf0cc5953e5d4bd740087fe968065
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
639
x-xss-protection
0
expires
Tue, 07 Feb 2023 09:22:33 GMT
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?1238494&@f16&@g1&@h1&@i1&@j1675761753019&@k0&@l1&@m%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D8%B3%D8%A7%D8%B9%D8%A9%20%D9%85%D9%86%20%D9%84%D8%A8%D9%86%D8%A7%D9%86%20%D9%88%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%20%D8%A8%D8%B4%D9%83%D9%84%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%7C%20Lebanonfiles%20%7C%20%D9%84%D9%8A%D8%A8%D8%A7%D9%86%D9%88%D9%86%20%D9%81%D8%A7%D9%8A%D9%84%D8%B2&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-68453873&@b3:1675761753&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fwww.lebanonfiles.com%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.31 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534110.ip-149-56-240.net
Software
/
Resource Hash
776ec9f2104f7e31fa8f565bcebbbaa105a76627fc78c82ad3fb48fb6b083f78

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:33 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
collect
www.google-analytics.com/j/ 		2 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1541745987&t=pageview&_s=1&dl=http%3A%2F%2Fwww.lebanonfiles.com%2F&ul=en-us&de=UTF-8&dt=%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D8%B3%D8%A7%D8%B9%D8%A9%20%D9%85%D9%86%20%D9%84%D8%A8%D9%86%D8%A7%D9%86%20%D9%88%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%20%D8%A8%D8%B4%D9%83%D9%84%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%7C%20Lebanonfiles%20%7C%20%D9%84%D9%8A%D8%A8%D8%A7%D9%86%D9%88%D9%86%20%D9%81%D8%A7%D9%8A%D9%84%D8%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1112050685&gjid=1791923174&cid=523928778.1675761753&tid=UA-60620050-1&_gid=1696841188.1675761753&_r=1&gtm=2oubu0&z=1054765182
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/cache/busting/google-tracking/ga-fda30e8a22c9bcd954fd8d0fadd0e77c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
invisible.js
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame FD2D 		32 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675756800
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
HTTP/1.1
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb7cd99e7f4f1091a8c15cd186ab499198ce8af95dc17248287e18a697be01c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMFmTcM02laZu%2Fxn9sbmtCPnVHTXeFJD9ar25rYuif3UB%2BuY%2BiRNnSr6p1tOJFriHtKrCqJcAAwPyBzarfKYiv4o%2BKWzPJ7V6sCYfUtH%2BZMa7gQcMsyvhST%2BD%2Bs9pdU0wkrl3WoUbbkzpg%2FSjvAeHAbm"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, public
Connection
keep-alive
x-control-type-options
nosniff
CF-RAY
795b0fcce97c92a7-FRA
Server-Timing
cf-q-config;dur=6.0000002122251e-06
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=vidoomy&user_id=830776866.60218131503272412.8216957
  • https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=830776866.60218131503272412.8216957
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dvidoomy%26bsw_param%3D7b98b217-8a90-4507-852e-bd18524b089...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=817463e2-1859-4800-b13f-de4fed3864eb&expires=30&ssp=vidoomy&bsw_param=7b98b217-8a90-4507-852e-bd18524b0892&gdpr=&gdpr_consent=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=7b98b217-8a90-4507-852e-bd18524b0892
43 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=7b98b217-8a90-4507-852e-bd18524b0892
Protocol
H2
Server
52.59.113.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-113-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:34 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
//a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=7b98b217-8a90-4507-852e-bd18524b0892
date
Tue, 07 Feb 2023 09:22:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58610/occ
  • https://ups.analytics.yahoo.com/ups/58610/occ?verify=true
  • https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-7gHR.J1E2uFyfP3dWEPQxSpPZwcGK7_Lo67zz2o-~A
43 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-7gHR.J1E2uFyfP3dWEPQxSpPZwcGK7_Lo67zz2o-~A
Protocol
H2
Server
52.59.113.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-59-113-250.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
none
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
43

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/cookie?i=YAH&uid=y-7gHR.J1E2uFyfP3dWEPQxSpPZwcGK7_Lo67zz2o-~A
date
Tue, 07 Feb 2023 09:22:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3510
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
795b0fcd0967907c-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 10 Feb 2023 09:22:33 GMT
imp.js
fd.tesseradigital.com/ 		0
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fd.tesseradigital.com/imp.js?_pid=163594704&_ouuid=wen9oYxK6bAb5w5BdficTU0KcQ3myVg3meKA7KxEYaIo&_oprio=0&_oref=http%3A%2F%2Fwww.lebanonfiles.com%2F
Requested by
Host: tpx.tesseradigital.com
URL: https://tpx.tesseradigital.com/dist/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.196.91.239 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-91-239.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:21:27 GMT
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified
Tuesday, 07-Feb-2023 09:21:27 GMT
server
nginx
etag
"da39a3ee5e6b4b0d3255bfef95601890afd80709"
content-length
0
content-type
text/html; charset=UTF-8
sdk.js
connect.facebook.net/ar_AR/ 		302 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ar_AR/sdk.js?hash=ddfae3a9af485aaf5793f669ee8734d0
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ar_AR/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5816fe8a64fc007053e148393dfdb2895f973e362549b6af963b67cb81a7d9b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.lebanonfiles.com/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 07 Feb 2023 09:22:33 GMT
content-md5
vVcCDEnQbtGtSRN9l2Jk/Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87239
x-fb-rlafr
0
x-fb-debug
3yrnUQ2vkScuh+XUw4/9J3SkhtDT7kuC4C1k4FfhJ9F16CshcKA/JAido03vkrYyrVHVofuJH6TqpCJ4Am47UQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
917726464
x-fb-content-md5
8e6243b1ede496606b21ae4d3c9455fb
cross-origin-opener-policy
same-origin-allow-popups
etag
"903f4e2fde920083592fb870cf33b8e9"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 07 Feb 2024 07:59:37 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 		406 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 08:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165540
x-xss-protection
0
last-modified
Tue, 31 Jan 2023 02:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Feb 2024 08:52:32 GMT
zFOC2M3R.jpg
www.lebanonfiles.com/wp-content/uploads/2023/01/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/01/zFOC2M3R.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/swiper.min.js?ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e7f9185221ec3fb4bf399ad7d819c338a1d6af989e11e2984c494389c527aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
536634
cf-polished
degrade=85, origSize=58404
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53418
cf-bgj
imgq:85,h2pri
last-modified
Sun, 15 Jan 2023 04:37:49 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0qE5bBMNf5VrgrfUO700fA8HcY3RXkM5PCITuaDeu414fk8OC5awwuRxHXGHVtNbyGU45wjOSz3Cpc%2FtpSF%2F51V%2Binx6%2BqaT0ES86bBAy6csQ4UJeaygHAPbT%2BTs0nCSD0HWyQBW%2FN0dKnq%2Byg5awzV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fcd3c413807-FRA
expires
Mon, 15 Jan 2024 04:40:21 GMT
image-13-810x450.png
www.lebanonfiles.com/wp-content/uploads/2023/01/ 		685 KB
685 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/01/image-13-810x450.png
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/swiper.min.js?ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa7dcde5811304df45bb4c6d7dbadc051064e93db766eaa87a7676b05b8579aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
533955
cf-polished
origSize=787499
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
701150
cf-bgj
imgq:85,h2pri
last-modified
Thu, 05 Jan 2023 09:58:50 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrxIEgZFdqN4ZJ3MQbl6R6uYO2Ihd%2FQmPzlujTTIRCMSDmGcDotuk5Tfu%2FIIpUGwOiObb9bIFByDAwh8XZrT6HR19Ah5pEAgJQCIzbbIo6UAqcaYzrcVfNfbwuWiYr5N542B%2FTmounfjilye3zaOL2Wb"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fcd3c443807-FRA
expires
Sun, 21 Jan 2024 02:57:08 GMT
image20-810x450.jpeg
www.lebanonfiles.com/wp-content/uploads/2022/12/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2022/12/image20-810x450.jpeg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/swiper.min.js?ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61594bb60aade5b604c5795ca33697b4eaaa340bbbb58cba010f58649cb88a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
533955
cf-polished
degrade=85, origSize=71335
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68261
cf-bgj
imgq:85,h2pri
last-modified
Sat, 24 Dec 2022 08:31:01 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=znnxphaLCvjIECmMwyP9R7GmIY4hDO4WseRwl7Aj41omia3mGCOC7TQezOl6flwPVCJElLyNZnGEpXoUK0rAbJrqbLTJ2Aq2Gnm8O3VZXJJhT0ucDc5oTIzIkvqBYkNGb2AqDxBRPLh0blvCIayCnuM8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fcd3c463807-FRA
expires
Fri, 19 Jan 2024 19:53:23 GMT
FoWG0_lXwAMBrtQ-810x450.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/FoWG0_lXwAMBrtQ-810x450.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/swiper.min.js?ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db5b28c1d1296a4c8c8d0828b48f9d9a5a0b4bf74db2a567ebb52f907dde984a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2030
cf-polished
degrade=85, origSize=110521
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
101464
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Feb 2023 08:41:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFRTnzYhkPmsfCfH8faD8vS7p8yBhcxqCO%2BuYCR5CjBIN%2B%2Fr5U2zJrbtftw%2BKT7rYFPedrD9FbFdy3sYi7Hc9HkuqoMsmymQsvdlmHbxzrMOKdMZrydKlJnbbE5ZMIAaoMHQuMp4B8tXmxnpg2jpsoN7"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fcd3c473807-FRA
expires
Wed, 07 Feb 2024 08:48:41 GMT
4-1.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/4-1.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/swiper.min.js?ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1012c5eec2349dd545fe96d4e5b113b783457cc3e29939838634f9235ecd097e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
310697
cf-polished
degrade=85, origSize=74123
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37907
cf-bgj
imgq:85,h2pri
last-modified
Fri, 03 Feb 2023 19:01:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2F4VN6Ct4rmqZirlEGZGN3rLJ9ezzlRcJ8QRsbMiXFS%2BgLFnD5Cbd7jZsCdhrooyJYlK9L0zR4Q6uVSzA9HfuNa4MOOolfQrvIWTpclG3RiT2Ecq5u%2BHnhJLkSj8qkL6S%2FsxyerKeKdqaxfOG43QCk2G"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fcd3c483807-FRA
expires
Sat, 03 Feb 2024 19:02:41 GMT
Fn4KyfjaQAEnMZy-810x450.jpg
www.lebanonfiles.com/wp-content/uploads/2023/02/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/02/Fn4KyfjaQAEnMZy-810x450.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/swiper.min.js?ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fa4334484b61c91ec5fa632b9df577eb89c502f5a75c104c1e848a7410fe710

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
509114
cf-polished
degrade=85, origSize=79496
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75282
cf-bgj
imgq:85,h2pri
last-modified
Wed, 01 Feb 2023 11:54:33 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOQjx9opm7JukP%2FHVS1fyb8pQ6ORKycflFVyzLCafawQxLcYop6F9dpHMYCeXT7dnNww5U5cqKI%2BX1ZAFGJM0RNhPwvyxRX2Jy5ahKRZq8KMDQENcH98ehuzmx9eYgE6aiJl7jPsdg1qOP5BeSGbd4TY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fcd3c4a3807-FRA
expires
Thu, 01 Feb 2024 11:55:41 GMT
89d21d01-3729-418f-b472-95910ed0860c-810x450.jpg
www.lebanonfiles.com/wp-content/uploads/2023/01/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/01/89d21d01-3729-418f-b472-95910ed0860c-810x450.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/swiper.min.js?ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c897d4713cc240286b98544e6fc41dd041d6d4ea6f5855725c1229b78de8253a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
323590
cf-polished
degrade=85, origSize=63942
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
60994
cf-bgj
imgq:85,h2pri
last-modified
Wed, 25 Jan 2023 14:50:18 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXD6rjy94atTa1Qr82mRBeN3WySYFjNeVGJuOp8fSQri%2FzgNHvGIGj2E9OMSCz5vVMvgBH2MEyjySZJqWJz3NaOB2gYs7Wew08WuJdAFyF3NDLXN2F6PocWeF%2F%2FArh2Qimd0aEsYGoPelvVwOMyxxoPH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fcd3c4b3807-FRA
expires
Fri, 26 Jan 2024 22:57:48 GMT
1111111111-810x450.jpg
www.lebanonfiles.com/wp-content/uploads/2023/01/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lebanonfiles.com/wp-content/uploads/2023/01/1111111111-810x450.jpg
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/themes/lebanonfiles/libraries/swiper/swiper.min.js?ver=6.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af08f6dcc3d4135a5034fe5f4b86ef4cf6e9059cfdef055fd8607a465f66dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
533955
cf-polished
degrade=85, origSize=61311
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58559
cf-bgj
imgq:85,h2pri
last-modified
Sat, 21 Jan 2023 07:57:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0JiwHz%2F%2F%2BG7Hx8iWWtPfNQxbfY2yuxcXc%2Bko0wSTPOwJb8jPG4ggCOSCEzIXHuqm9xaHi7WwzcCz%2FGkRP0YrgZQDeKiwQe9eVRjbhB9w1hDGOuxOcsmYZnqLn%2BaI4Zg%2BQuSaJDWs8AIFMENhl9HMtjtO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
795b0fcd3c4c3807-FRA
expires
Fri, 26 Jan 2024 05:50:18 GMT
/
www.lebanonfiles.com/
Redirect Chain
  • https://www.lebanonfiles.com/wp-admin/admin-ajax.php?action=get_breaking_news&nonce=90f1e20079
  • http://www.lebanonfiles.com/
0
0
rum
www.lebanonfiles.com/cdn-cgi/ 		0
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
HTTP/1.1
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 07 Feb 2023 09:22:33 GMT
X-Content-Type-Options
nosniff
Server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
http://www.lebanonfiles.com
X-Frame-Options
DENY
access-control-allow-credentials
true
Connection
keep-alive
CF-RAY
795b0fcd79f392a7-FRA
prebid7.17.0.js
get.optad360.io/sf/ 		492 KB
493 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid7.17.0.js
Requested by
Host: get.optad360.io
URL: http://get.optad360.io/sf/8b2de328-d178-47b2-bc5e-74cf6a08de97/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
529d5a06e1e90ceadfad7e6c2eaed6e9b868a35798345d5431c90f6024f15b55

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 07 Dec 2022 18:25:08 GMT
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
last-modified
Mon, 03 Oct 2022 06:53:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
5324246
etag
"840fa482840c0b1f014b3c14f6e0ab2e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
accept-ranges
bytes
content-length
504152
x-amz-cf-id
s-UftgFioyB7VB7BsdrN3w5FYb3bPAiJ_1k03X6Rry5SFH-vr1mLYw==
cookie.js
partner.googleadservices.com/gampad/ 		399 B
605 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.lebanonfiles.com&callback=_gfp_s_&client=ca-pub-8745593945608202
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7943b56a29ff01466192c0f17999654f80b24ca851291fb42e84c2944d239620
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
253
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.lebanonfiles.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lebanonfiles.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&tn=HEADER&id=masthead&cls=site-header&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0597 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8745593945608202&output=html&adk=1812271804&adf=3025194257&lmt=1675761753&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&ea=0&pra=5&wgl=1&dt=1675761752923&bpp=4&bdt=803&idt=289&shv=r20230202&mjsv=m202301170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4395065835724&frm=20&pv=2&ga_vid=523928778.1675761753&ga_sid=1675761753&ga_hid=1541745987&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C44774606%2C44779794%2C31071268&oid=2&pvsid=1794503022683742&tmod=227946247&uas=0&nvt=1&fsapi=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=348
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:33 GMT
expires
Tue, 07 Feb 2023 09:22:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230202&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
113b67a6c606ec83a6481fa747643a4ec2e73f3673c558c7196d4aea1699e045
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11268
x-xss-protection
0
usync.html
ad.lkqd.net/cookie-sync/ Frame A6E8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Tue, 07 Feb 2023 09:22:33 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1675761753.cds151.fr8.hn,1675761753.cds288.fr8.c
ad
v.lkqd.net/ Frame 8CFF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=78622761&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
95cfe6f87f9fe4f607d78f3173b85fe284b8ee851733c802af55d8ba94c0a928

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:33 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml; charset=UTF-8
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1405
collect
stats.g.doubleclick.net/j/ 		1 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-60620050-1&cid=523928778.1675761753&jid=1112050685&gjid=1791923174&_gid=1696841188.1675761753&_u=YEBAAUAAAAAAACAAI~&z=1833781387
Requested by
Host: www.lebanonfiles.com
URL: https://www.lebanonfiles.com/wp-content/cache/busting/google-tracking/ga-fda30e8a22c9bcd954fd8d0fadd0e77c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 07 Feb 2023 09:22:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
xtb.min.js
cdn.exitbee.com/ 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.exitbee.com/xtb.min.js
Requested by
Host: aghtag.tech
URL: http://aghtag.tech/libs/projectagora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:c1e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd3526ddba0514315d1dfabd7413c70fa2295b04c7c2b7764c7117803af3ea58

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
240
x-guploader-uploadid
ADPycduV9PbbPqliYbom8LYhBFq5eOz6DKVEE7GSkQ0yJlRQ3NfLcKykSZ6I9I6anQF25_2Rw_dEkoGzwINnVaxq2khUFpOYVaiS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 19 Oct 2022 12:26:43 GMT
server
cloudflare
etag
W/"903b1d44ea177befd6f3c248cf8208fd"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1666182403691268
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=iVmvWg==, md5=kDsdROoXe+/W88JIz4II/Q==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uREgz8GcmVASl%2BFej%2BCrIhmLVkABFZ9tU21XxWo8Ql2gYq8mjuEsasebh2erqgsaWUAAiZE9K6sVkws%2FvMnBc7Voeio1WiJGUuqSyz90BLevG9iv83mo1tBVRVe0HqBKP1iSOxQsDmfBnb2WL%2BQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
59559
cf-ray
795b0fcf3d8d373b-FRA
expires
Tue, 07 Feb 2023 09:18:53 GMT
incoming
tpx.tesseradigital.com/ 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpx.tesseradigital.com/incoming?p=false&a=false&b=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.157.179.180 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-179-180.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
last-modified
Tuesday, 07-Feb-2023 09:22:33 GMT
server
nginx
usync.html
ad.lkqd.net/cookie-sync/ Frame DC03 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Tue, 07 Feb 2023 09:22:33 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1675761753.cds151.fr8.hn,1675761753.cds288.fr8.c
ad
v.lkqd.net/ Frame 0E52 		180 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115699&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=50117809&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:33 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml; charset=UTF-8
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
150
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43db761b6e5253d5479c087db43a7b7259bf90750ed5a0072b8fba29d225c98d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
19304
x-jsd-version
1.0.1610
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4576-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-r1BlFG0en/S/MeqU9AqG1I+vTTQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7AAwR2Zbg9fDEgSVytM1r%2B1X1Z6gqE%2FRj%2BXqtHvgCBev5D19at7Y%2BunLFh53sz9LxS%2BMKUndhp%2F4cyQT9aN2C37EUnKPY3hIqmo%2BEBSHlv464NKDawbprW3UI6vUE6BsueJ177bRqOCN%2BzqJKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
795b0fcf2c2b92c9-FRA
web
onesignal.com/api/v1/sync/526a87ee-0554-4141-869b-9284da88eaea/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/526a87ee-0554-4141-869b-9284da88eaea/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901180f4ea950ef9bf97539a95148ead95eec398f0fb583f8c87fdea2774e418
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
3484
cf-polished
origSize=3427
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ec3150e2-d975-444b-8229-6c8620b1dd87
x-runtime
0.023351
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"9918558fe914ce70e543069172febc60"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
795b0fcf0b89907c-FRA
access-control-allow-headers
SDK-Version
expires
Tue, 07 Feb 2023 10:22:33 GMT
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G4EQ7NKTZM&gtm=45je3210&_p=1541745987&cid=523928778.1675761753&ul=en-us&sr=1600x1200&uaW=1&_s=1&sid=1675761753&sct=1&seg=0&dl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dt=%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D8%B3%D8%A7%D8%B9%D8%A9%20%D9%85%D9%86%20%D9%84%D8%A8%D9%86%D8%A7%D9%86%20%D9%88%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%20%D8%A8%D8%B4%D9%83%D9%84%20%D9%85%D8%A8%D8%A7%D8%B4%D8%B1%20%7C%20Lebanonfiles%20%7C%20%D9%84%D9%8A%D8%A8%D8%A7%D9%86%D9%88%D9%86%20%D9%81%D8%A7%D9%8A%D9%84%D8%B2&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G4EQ7NKTZM&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8745593945608202&plah=www.lebanonfiles.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 09:22:33 GMT
pica.js
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame FD2D 		19 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
HTTP/1.1
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c1a2fd55777ecf24486a5434b7287f5da121b1374b387f372e7dce71b8ae88d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=UTF-8
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nf1t%2FzGhZdqGcuD9QlZOO8lD%2FwdlRhRYry5TTqbfQXb6viQbvDXRJR2qDgkzrfJ%2FVYFsjFWdZaHvN0bbFB8CRGZeBLZ1fAc%2BIE2%2BOxOvM8p4x7D%2F7X%2FumSjvl%2BMVCxwd%2Byi%2B4WJdWcOoakYRD%2FDnu2o"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, public
Connection
keep-alive
x-control-type-options
nosniff
CF-RAY
795b0fcfab6592a7-FRA
Server-Timing
cf-q-config;dur=6.0000002122251e-06
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cs
cs.lkqd.net/ Frame A6E8
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3ebea895-f7a8-4a58-950e-424bcab69405
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3ebea895-f7a8-4a58-950e-424bcab69405
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=3ebea895-f7a8-4a58-950e-424bcab69405
date
Tue, 07 Feb 2023 09:22:33 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame A6E8 		43 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame A6E8 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame A6E8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2852590471268345559
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2852590471268345559
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2852590471268345559
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame A6E8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=xHdopG0BSH1gnBIQptEGm1D_B2c
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=xHdopG0BSH1gnBIQptEGm1D_B2c
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=xHdopG0BSH1gnBIQptEGm1D_B2c
Date
Tue, 07 Feb 2023 09:22:33 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230207
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid7.17.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43db761b6e5253d5479c087db43a7b7259bf90750ed5a0072b8fba29d225c98d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
19304
x-jsd-version
1.0.1610
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230021-FRA, cache-yyz4576-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-r1BlFG0en/S/MeqU9AqG1I+vTTQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJSWY4SNumpeXyIpem%2B65V7hFMTAke5Z0ok5zNdsBgW0aD8JCIKBY7d6KpFLp7UHMCpTkeKVKvIS%2BMeu%2Fw3muum%2BkKoNSUHJy7Lsw8tqLtycqYs7LJMTmJoAcOAh3Cs0Fudw%2BY268OudBTleAoU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
795b0fcfdcd992c9-FRA
cs
cs.lkqd.net/ Frame DC03
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=a45f3175-f6e8-4c2a-ad6b-aad902a6d754
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=a45f3175-f6e8-4c2a-ad6b-aad902a6d754
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=a45f3175-f6e8-4c2a-ad6b-aad902a6d754
date
Tue, 07 Feb 2023 09:22:33 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame DC03 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame DC03 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame DC03
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2924648065306273495
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2924648065306273495
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2924648065306273495
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame DC03
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=2MFQ0PXlQxlijwVvrt_4JlD_B2c
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=2MFQ0PXlQxlijwVvrt_4JlD_B2c
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=2MFQ0PXlQxlijwVvrt_4JlD_B2c
Date
Tue, 07 Feb 2023 09:22:33 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0
settings
s.exitbee.com/7992/ 		0
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.exitbee.com/7992/settings
Requested by
Host: cdn.exitbee.com
URL: https://cdn.exitbee.com/xtb.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4466 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
xtb-visit-duration
120
xtb-eb-response
21
xtb-country
Germany
xtb-visit-id
dcded0b8-5421-4803-8720-a0b485232116
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
xtb-zip-code
93138
server
cloudflare
xtb-city
Lappersdorf
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAutfwWm1HeWycClR76fWzhyy698vgNC7EaDiGgKcvNl3T8303jpuKdyhpOtWuo5AzQSn%2F3TBKioE713OJYWH2SKcU0ikdHo9M%2BkdksqLoCkvbueQJy1hYfxbzMdBCu2fud9H4SAyAhryekG"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Xtb-Vid, Xtb-Visit-Id, Xtb-Visit-Duration, Xtb-Country, Xtb-City, Xtb-Zip-Code, Xtb-Pageviewid, Xtb-eb-response
xtb-pageviewid
f064f27c-4027-4e07-a110-24c11a428b74
access-control-allow-credentials
false
cf-ray
795b0fd13f292bc7-FRA
xtb-vid
872b6565-7df5-4ddd-9499-ae6f1764b0f0
init
services.insurads.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/init?appId=RV0UR9OI&h=http%3A%2F%2Fwww.lebanonfiles.com%2F&tcfc=1&t=1675761753605
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/RV0UR9OI.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.108.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-108-144.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1a1b0c960c233230b7028ef3149372ee3f0ba68a00f37aa29eda48b4c0c05274

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
settings
s.exitbee.com/7992/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s.exitbee.com/7992/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4466 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
http://www.lebanonfiles.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
795b0fd0debf2bc7-FRA
content-length
0
date
Tue, 07 Feb 2023 09:22:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFOdXfhB1hvhQiP%2FSHIDKN3Tktt0Xa7kc8lNJOVjcCV11AuaIyvIq1OJuum6fwYIzW3tYFq2ouZloDy%2FLbctg7%2FiO6E0Im7xXHYIxmb6U0U9qpyTJhdFvxhGsMB6QSCY%2FSfZCaQhzx5cSMta"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:33 GMT
server
nginx
t
t.lkqd.net/ Frame 59EE 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:34 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vpaid.js
ad.lkqd.net/vpaid/ Frame B2B0 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1675761753.cds151.fr8.hn,1675761753.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
t
t.lkqd.net/ Frame 2532 		0
0
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:33 GMT
server
nginx
usync.html
ad.lkqd.net/cookie-sync/ Frame 4267 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Tue, 07 Feb 2023 09:22:33 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1675761753.cds151.fr8.hn,1675761753.cds288.fr8.c
ad
v.lkqd.net/ Frame B2B0 		57 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=78622761&m=&rtv=1&thost=www.lebanonfiles.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
f74b21fb7601b050295755d66840e040a40bc458318c504be282a82da25af019

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Feb 2023 09:22:34 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3849
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=78622761&m=&rtv=1&thost=www.lebanonfiles.com
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Access-Control-Expose-Headers
Content-Type, Content-Disposition
Access-Control-Max-Age
300
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Feb 2023 09:22:33 GMT
Server
nginx
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 37F2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2059
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 08:48:14 GMT
expires
Wed, 07 Feb 2024 08:48:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7479 		783 B
915 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e26a5d6b746a43668fa2ce246e51df82c5f6e8cb73a8bdf12f902260ce6d80fb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X3S0lfVf99Irc4pb6tn2qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-X3S0lfVf99Irc4pb6tn2qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:33 GMT
expires
Tue, 07 Feb 2023 09:22:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cs
cs.lkqd.net/ Frame 4267
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=ef7497ff-6c56-44c9-8683-0b5125cf2247
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=ef7497ff-6c56-44c9-8683-0b5125cf2247
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=ef7497ff-6c56-44c9-8683-0b5125cf2247
date
Tue, 07 Feb 2023 09:22:33 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 4267 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 4267 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:33 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 4267
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 4267
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:34 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Date
Tue, 07 Feb 2023 09:22:34 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame 37F2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:22:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
3585
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 08:22:48 GMT
795b0fc5ac2692a7
www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame FD2D 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/cv/result/795b0fc5ac2692a7
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675756800
Protocol
HTTP/1.1
Server
2606:4700:20::681a:b47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Feb 2023 09:22:34 GMT
Content-Encoding
gzip
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPI78RFMlOPP6DOh%2FZI8GduF1inCFjdozjgyJqMhxQDlBleJb8fUHodC56cprsM4CZbWZc2lGp5WHZNNZBbf5pW9eCUj%2BO13W%2Frlx2LTKAYxclVI234%2FrYe7AS5Njmx6La4ZmONJMSM9ksrpb%2BsN3tgB"}],"group":"cf-nel","max_age":604800}
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
Server-Timing
cf-q-config;dur=8.0000008892966e-06
CF-RAY
795b0fd29dc592a7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
t
t.lkqd.net/ Frame FA8F 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:34 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:34 GMT
server
nginx
events
analytics.leya.tech/ 		188 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.leya.tech/events
Requested by
Host: cdn.bidder.dev
URL: https://cdn.bidder.dev/clients/21894097782/lebanonfiles/sa-script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.145.108 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.145.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2e7b572fb8c157fa128e3ca13f7c7f904176c4f59b010a8e498af74cd5891103

Request headers

x-api-token
d72dc3aa-077f-4497-9920-7fc4a89fa510
Accept
application/json, text/plain, */*
Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:34 GMT
server
UploadServer
x-guploader-uploadid
ADPycdtJmMnGVr9VZVpcwObgm-vow2nF35SF5M2_zaRSuVRH1DiDLrC1VBGHEKQBQzedHmbn_mbU6Nz3Z7R0BvLI_eqq
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml; charset=UTF-8
access-control-allow-origin
http://www.lebanonfiles.com
access-control-allow-credentials
true
access-control-allow-headers
x-api-token,Content-Type,Authorization,Origin,X-Requested-With,Accept
content-length
188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
events
analytics.leya.tech/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics.leya.tech/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.145.108 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.145.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-token
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-api-token,Content-Type,Authorization,Origin,X-Requested-With,Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://www.lebanonfiles.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:34 GMT
expires
Tue, 07 Feb 2023 09:22:34 GMT
server
UploadServer
x-guploader-uploadid
ADPycdtlpmbZaOQA-j1OnENgw7E2N3L0S3zIQH_npeKFXP7EmEQ-IJrdEQL6WQO3pwX9yjK5sgEPicZYZL8cjZ2KOGFt
arj
adsparc-d.openx.net/w/1.0/ 		73 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsparc-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fwww.lebanonfiles.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a265c1f0-16d4-404c-85f3-5bafede7e8f4%2Cd8e91275-2811-4b4b-b1ea-e5601c92b153%2Cbd1bd344-69be-4ea4-ad08-b52b9b1af8cc%2Ccba014f5-da9f-4655-9235-b301e917c54b%2Cb56b798a-f4a4-464c-8e18-61a19c24929e%2Cc34d7932-a333-429e-b3d8-17e658d049bd%2C9f628ade-29aa-4067-a195-35e49c2a190e%2C666b6c8a-8d83-45e8-a04a-d3917605a7b4%2Cca53df46-7576-4360-b76b-1480dc8c6708%2Cc8f165b3-2089-4cca-9e37-76d2fcde5b65&nocache=1675761754039&pubcid=cdb1786b-a05f-4914-b50d-36167dc26fd6&aus=728x90%7C728x90%2C970x90%2C970x250%7C300x600%7C300x250%2C300x600%7C728x90%2C970x90%2C970x250%7C300x600%7C300x250%7C728x90%2C970x90%2C970x250%7C300x250%7C300x250%2C300x600&divIds=LFiles_728x90(1)%2CLFiles_728x90_970x90_970x250(4)%2CLFiles_300x600(2)%2CLFiles_300x600_300x250(2)%2CLFiles_728x90_970x90_970x250(3)%2CLFiles_300x600(1)%2CLFiles_300x250(2)%2CLFiles_728x90_970x90_970x250(2)%2CLFiles_300x250(1)%2CLFiles_300x600_300x250&auid=543842992%2C543843004%2C543842998%2C543843007%2C543843000%2C543842994%2C543842991%2C543842996%2C543842987%2C543843003
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
361fbd04cca1aba0f89d13e5315d1ab3d8434e0b654501dd6446d854171ea7df

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
hb.emxdgt.com/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1200&ts=1675761754040&src=pbjs
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.141.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-141-17.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:34 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
/
adx.adform.net/adx/ 		90 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTkyMzU0NiZ0cmFuc2FjdGlvbklkPWEyNjVjMWYwLTE2ZDQtNDA0Yy04NWYzLTViYWZlZGU3ZThmNCZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1NiZ0cmFuc2FjdGlvbklkPWQ4ZTkxMjc1LTI4MTEtNGI0Yi1iMWVhLWU1NjAxYzkyYjE1MyZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1NyZ0cmFuc2FjdGlvbklkPWQ4ZTkxMjc1LTI4MTEtNGI0Yi1iMWVhLWU1NjAxYzkyYjE1MyZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1OCZ0cmFuc2FjdGlvbklkPWQ4ZTkxMjc1LTI4MTEtNGI0Yi1iMWVhLWU1NjAxYzkyYjE1MyZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ3OCZ0cmFuc2FjdGlvbklkPWJkMWJkMzQ0LTY5YmUtNGVhNC1hZDA4LWI1MmI5YjFhZjhjYyZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ4MSZ0cmFuc2FjdGlvbklkPWNiYTAxNGY1LWRhOWYtNDY1NS05MjM1LWIzMDFlOTE3YzU0YiZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ4MiZ0cmFuc2FjdGlvbklkPWNiYTAxNGY1LWRhOWYtNDY1NS05MjM1LWIzMDFlOTE3YzU0YiZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1MyZ0cmFuc2FjdGlvbklkPWI1NmI3OThhLWY0YTQtNDY0Yy04ZTE4LTYxYTE5YzI0OTI5ZSZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1NCZ0cmFuc2FjdGlvbklkPWI1NmI3OThhLWY0YTQtNDY0Yy04ZTE4LTYxYTE5YzI0OTI5ZSZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1NSZ0cmFuc2FjdGlvbklkPWI1NmI3OThhLWY0YTQtNDY0Yy04ZTE4LTYxYTE5YzI0OTI5ZSZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ3NyZ0cmFuc2FjdGlvbklkPWMzNGQ3OTMyLWEzMzMtNDI5ZS1iM2Q4LTE3ZTY1OGQwNDliZCZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ3NiZ0cmFuc2FjdGlvbklkPTlmNjI4YWRlLTI5YWEtNDA2Ny1hMTk1LTM1ZTQ5YzJhMTkwZSZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU0OSZ0cmFuc2FjdGlvbklkPTY2NmI2YzhhLThkODMtNDVlOC1hMDRhLWQzOTE3NjA1YTdiNCZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1MSZ0cmFuc2FjdGlvbklkPTY2NmI2YzhhLThkODMtNDVlOC1hMDRhLWQzOTE3NjA1YTdiNCZyY3VyPVVTRA%3D%3D&bWlkPTkyMzU1MiZ0cmFuc2FjdGlvbklkPTY2NmI2YzhhLThkODMtNDVlOC1hMDRhLWQzOTE3NjA1YTdiNCZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ3NSZ0cmFuc2FjdGlvbklkPWNhNTNkZjQ2LTc1NzYtNDM2MC1iNzZiLTE0ODBkYzhjNjcwOCZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ3OSZ0cmFuc2FjdGlvbklkPWM4ZjE2NWIzLTIwODktNGNjYS05ZTM3LTc2ZDJmY2RlNWI2NSZyY3VyPVVTRA%3D%3D&bWlkPTkyMzQ4MCZ0cmFuc2FjdGlvbklkPWM4ZjE2NWIzLTIwODktNGNjYS05ZTM3LTc2ZDJmY2RlNWI2NSZyY3VyPVVTRA%3D%3D&pt=gross&stid=f23daff5-e0d3-4ea6-9a23-3cd80ef1362e&fd=1&eids=eyJwdWJjaWQub3JnIjp7ImNkYjE3ODZiLWEwNWYtNDkxNC1iNTBkLTM2MTY3ZGMyNmZkNiI6WzFdfX0%3D
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
04db1928cac9786ab103fd8921943f73e1e58330f9894c7b908cb9d6b962da4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		50 B
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:34 GMT
AN-X-Request-Uuid
401dfdc6-3243-4b85-abed-9e3aa69f1800
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		50 B
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:34 GMT
AN-X-Request-Uuid
9553d7bc-90a8-4bff-a4e4-2526ad2a25b3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7479 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230202&jk=1794503022683742&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
iat-realtime-7.0.0-ws.js
cdn.insurads.com/ 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/iat-realtime-7.0.0-ws.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=RV0UR9OI&h=http%3A%2F%2Fwww.lebanonfiles.com%2F&tcfc=1&t=1675761753605
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
9750f710e33b68e3d4551759753b699afe70c81f26c8fe5082ea16b3b1dd18ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:34 GMT
content-encoding
gzip
cdn-edgestorageid
1055
x-amz-request-id
NCP8AGBRM0D19HP7
cdn-cachedat
12/15/2022 12:48:27
cdn-pullzone
55316
x-amz-id-2
31VkWkU+88KOCJBcTBe2QkStVX0Q086WhhzcDdFO/nHIjaDMm9qwxmFzNe+ozMGxcCHS1PG0IPw=
last-modified
Wed, 30 Nov 2022 11:44:52 GMT
server
BunnyCDN-DE1-1055
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"9f16ca7f10cfab5056d5839d2a54ed4c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
fd70594f2635c7ad296ae11449257fbf
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
iat-1.9.6.js
cdn.insurads.com/ 		107 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.insurads.com/iat-1.9.6.js
Requested by
Host: services.insurads.com
URL: https://services.insurads.com/init?appId=RV0UR9OI&h=http%3A%2F%2Fwww.lebanonfiles.com%2F&tcfc=1&t=1675761753605
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-225.bunnyinfra.net
Software
BunnyCDN-DE1-1055 /
Resource Hash
72e3399a052fd2d20167a1730e44f50b8141b04e12dd2f57958391fd56a53bd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:34 GMT
content-encoding
gzip
cdn-edgestorageid
1055
x-amz-request-id
FYTVCHXH3N7EA8P3
cdn-cachedat
01/30/2023 16:51:18
cdn-pullzone
55316
x-amz-id-2
NWi/9qVZtDwWNO/8tl+K7cD6LPbjVg0ED3oWFjROiOnYEG4sNu2BqeTC+SQ2f61v02KZGi2nAYw=
last-modified
Mon, 30 Jan 2023 16:50:15 GMT
server
BunnyCDN-DE1-1055
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"5b2da6f5628d12a5c2dc7f04cfc896c6"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
56a941db-1de6-4dd7-bd60-f93546463707
cache-control
max-age=2592000
cdn-requestid
c586c6239c7db67cc5d1d54c3e7ade5c
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
initcb
services.insurads.com/ 		288 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/initcb?v=1.0.12&appId=2490&vId=01453D0F6A0C04E2&s=2910&fpc=1&nv=1&h=http%3A%2F%2Fwww.lebanonfiles.com%2F&tcfc=1&lts=0&ts=1675761754086&iatId=01b252f7b1c688b97b62314ec5bfc24b&iatIdB=cd5fa8e2b2144af6bf1131e2f266b2cd&iatIdM=11111111&iatIdV=1.0&lIatId=0&lIatIdB=0&lIatIdM=0&lIatIdV=0&lch=AUUEIZEBOM
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/bootstrap/RV0UR9OI.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.108.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-108-144.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f02a6eaae7dedd59a53440a87814f677d015928a5b80a0eefd34f2fdbb3ff706

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:34 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 37F2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?1A3MUw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ad
services.insurads.com/ Frame C965 		131 B
355 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/ad?auid=929906&csz=%5B%5D&sz=%5B%5D&appId=2490&s=2910&dm=1&is=0&ct=%7B%7D&h=http%3A%2F%2Fwww.lebanonfiles.com%2F&sid=01453D0F6A0C04E2&v=1.9.6&rv=1&ts=1675761754167
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.9.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.108.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-108-144.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d11fb28567655d1d01fdcd2888002b1d72439e7a9b25a827550582801ba44852

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:34 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript;charset=UTF-8
x-nocache
true
cache-control
no-cache, no-store, must-revalidate
expires
Thu, 01 Jan 1970 00:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C1574000520973788369426325793,,&tg_c.language=es&width=400&height=225
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.159.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-159-169.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:34 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
tag
4cywq-eqnre.ads.tremorhub.com/ad/ 		119 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fwww.lebanonfiles.com%2F&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C940116509973788369426325793%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:1473:79ff:9ba3:468f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:34 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
http://www.lebanonfiles.com
content-type
text/xml;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
av
vidoomy-d.openx.net/v/1.0/ 		48 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&cb=990741724&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C973788369426325793892380683,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ 		65 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ 		65 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=http%3A%2F%2Fwww.lebanonfiles.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.lebanonfiles.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lebanonfiles.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		545 KB
94 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1794503022683742&correlator=764351943499185&eid=31072039%2C31072215&output=ldjh&gdfp_req=1&vrg=2023020601&ptt=17&impl=fifs&iu_parts=21894097782%2CLFiles_1x1%2CLFiles_728x90(1)%2CLFiles_728x90_970x90_970x250(4)%2CLFiles_320x50_320x100(3)%2CLFiles_300x600(2)%2CLFiles_300x600_300x250(2)%2CLFiles_728x90_970x90_970x250(3)%2CLFiles_300x600(1)%2CLFiles_300x250(2)%2CLFiles_728x90_970x90_970x250(2)%2CLFiles_320x50_320x100(2)%2CLFiles_320x50_320x100(1)%2CLFiles_300x250(1)%2CLFiles_300x600_300x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14&prev_iu_szs=1x1%2C728x90%2C728x90%7C970x90%7C970x250%2C300x250%2C300x600%2C300x250%7C300x600%2C728x90%7C970x90%7C970x250%2C300x600%2C300x250%2C728x90%7C970x90%7C970x250%2C300x250%2C300x250%2C300x250%2C300x250%7C300x600&ifi=2&adks=1850051439%2C3611282516%2C3237839583%2C2677343658%2C2205192521%2C4179594712%2C3352391512%2C2291320453%2C539932965%2C2342546863%2C348188995%2C85745273%2C924770649%2C3939129125&didk=953092430~3641825082~2120025922~470097312~972599023~209599808~2120025891~972598990~2938743786~2120022019~470097283~470097250~2938743755~4106390875&sfv=1-0-40&prev_scp=floors_hour%3D9%7Cfloors_id%3D9c0a23%26floors_hour%3D9%26floors_noresponse%3Dyes%26floors_responsetime%3D-517%7Cfloors_id%3D9c0a23%26floors_hour%3D9%26floors_noresponse%3Dyes%26floors_responsetime%3D-517%7Cfloors_id%3D9c0a23%26floors_hour%3D9%26floors_noresponse%3Dyes%26floors_responsetime%3D-517%7Cfloors_id%3D9c0a23%26floors_hour%3D9%26floors_noresponse%3Dyes%26floors_responsetime%3D-517%7Cfloors_id%3D9c0a23%26floors_hour%3D9%26floors_noresponse%3Dyes%26floors_responsetime%3D-517%7Cfloors_id%3D9c0a23%26floors_hour%3D9%26floors_noresponse%3Dyes%26floors_responsetime%3D-517%7Cfloors_id%3D9c0a23%26floors_hour%3D9%26floors_noresponse%3Dyes%26floors_responsetime%3D-517%7Cfloors_id%3D9c0a23%26floors_hour%3D9%26floors_noresponse%3Dyes%26floors_responsetime%3D-517%7Cfloors_id%3D9c0a23%26floors_hour%3D9%26floors_noresponse%3Dyes%26floors_responsetime%3D-517%7Cfloors_id%3D9c0a23%26floors_hour%3D9%26floors_noresponse%3Dyes%26floors_responsetime%3D-517%7Cfloors_id%3D9c0a23%26floors_hour%3D9%26floors_noresponse%3Dyes%26floors_responsetime%3D-517%7Cfloors_id%3D9c0a23%26floors_hour%3D9%26floors_noresponse%3Dyes%26floors_responsetime%3D-517%7Cfloors_id%3D9c0a23%26floors_hour%3D9%26floors_noresponse%3Dyes%26floors_responsetime%3D-517&eri=1&cust_params=LFiles_Category%3DHomePage&sc=0&cookie=ID%3D0900775d8e88bcd6-221f379aa2db0021%3AT%3D1675761753%3ART%3D1675761753%3AS%3DALNI_MawDrq73fn4x63s9kq8mAxZwuW2DA&gpic=UID%3D00000bb13dbe94f4%3AT%3D1675761753%3ART%3D1675761753%3AS%3DALNI_Maxx7Hjhh_9da5la1oXmHj7_VgQWg&abxe=1&dt=1675761754290&lmt=1675761754&dlt=1675761752120&idt=1176&adxs=1599%2C290%2C757%2C-12245933%2C143%2C-9%2C757%2C135%2C-12245933%2C757%2C-12245933%2C-12245933%2C-9%2C135&adys=180%2C10%2C4973%2C-12245933%2C5023%2C-9%2C2966%2C4326%2C-12245933%2C246%2C-12245933%2C-12245933%2C-9%2C2722&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C-1%7C2%7C-1%7C3%7C4%7C-1%7C0%7C-1%7C-1%7C-1%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&frm=20&vis=1&psz=1600x6732%7C903x-1%7C1370x0%7C1370x0%7C312x0%7C0x-1%7C1370x0%7C315x0%7C0x0%7C1370x0%7C1370x0%7C0x0%7C0x-1%7C320x0&msz=1x-1%7C903x-1%7C1370x0%7C0x0%7C312x0%7C0x-1%7C1370x0%7C315x0%7C0x-1%7C1370x0%7C0x0%7C0x0%7C0x-1%7C320x0&fws=4%2C516%2C4%2C132%2C4%2C2%2C4%2C4%2C132%2C4%2C132%2C132%2C2%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C0%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C0%2C1600&ga_vid=523928778.1675761753&ga_sid=1675761753&ga_hid=1541745987&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d043c67cb65c62dee2303044df0f621a0c6bd843fa97477d25db5f3ca59eef86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96597
x-xss-protection
0
google-lineitem-id
5507213652,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,5663216871,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138381865323,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,-1,138345892097,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6081 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:34 GMT
expires
Wed, 07 Feb 2024 09:22:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
lb
services.insurads.com/ 		0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://services.insurads.com/lb?appid=2490&acid=483&s=2910&sid=01453D0F6A0C04E2&auid=929906&ts=1675761754332&iid=m29eb1cb13d2647b83467398d68ce25ee42ba1bd305&is=0&m=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.108.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-108-144.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-nocache
true
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:34 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx/1.18.0 (Ubuntu)
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230202&jk=1794503022683742&bg=!p6SlpODNAAaq5O5FiuQ7ACkAdvg8WhdGHn_TUqc3ZsyFFMelhqlLOmxqFiMNegOKz7zSoQk1cfLvtQIAAAB-UgAAAANoAQeZAqAjncSURcSJ72ygn-WMhilixLejRw6hqbwA1owo4iBMA6qfkVXb19x8SOwg3RN_5GqU-ohyuildZJT8LgjFbBWI_EHDx058hbQHrbwjOWnSw-Vje0Dw3r8IiOAvcXEt5vd8ptV_thAKPfJ-Zcrjt5sLhSVeX-qLe_mTh7enSs5ieky5b2yQ3VWLK1YkRbVHP7fheC7CTYUMnbYPYlMI8rx6VF9crSqqWRk721whIVpk34u3yB0RtB0Jb968MFuSXlGe0R8Sm9KNY2UJLxiYjVCO6YFq93yDF5BuxXpn1kbUzoIxRbxN949utEnOC351BBVFAjMILlvxa7GFY7P4Sn1a69TCC0r5C2wbzHjYYyapmKbQ0iR1WHyM0bO9VN4ouzEYCMKNNMVT3Xf92IMVhJN_jkAV7d2iYNllGmV9PyDIBTExJtjr1iAiXeYapah9WZUQXHOELqevZ6m1rngDX8KYA0-QV5HhOEKgs2-k6k0dsZCyBCSfpLvjIg8f6zdiH7QV-_8Sf4z-W5L4J-fFQjvUTuzqEjWBeNH-RBxlSiqwfwBagr-J6Ta_GYDJ8Ai_MZZyO_dEcfF6ErQa_1zK1roOV-DLf2u11Aq_mlE8CJCkXgzpz7OWVRMaGw4-JO5qWwBsrpnd7L1JTygOyo_5WsrwB69m2-NEa-YqCmmaBgAHLZBJ6tjdD2_HRRmvKa2wOlU0JVX_h-rwlB_ElkCMb-1uRrmEYSUs-HjF5l0m1bvrZ8PWmJn6CA1b6VRrh9bJcJxpRqWIi7wCjnh4Jfboe4fdoKpb0X61vcZSd3R8OnbV5yJyjTzACXkT1AiKC1eJGgQKmzz9AINrdA3EqW1T5NUjlA2HBD-onYmFqDHVFCJe8Lx8rUiXXn3zNiGmpzaVTdY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:34 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:34 GMT
server
nginx
t
t.lkqd.net/ Frame FA8F 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:34 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame FA8F 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:34 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
events
analytics.leya.tech/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://analytics.leya.tech/events
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.145.108 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.145.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-token
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-api-token,Content-Type,Authorization,Origin,X-Requested-With,Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://www.lebanonfiles.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:35 GMT
expires
Tue, 07 Feb 2023 09:22:35 GMT
server
UploadServer
x-guploader-uploadid
ADPycdsUIrbbD7eH8sI901rRR0yiMz2LF58gGrR8Z0z62MLzaM0GiyuY82CJGJUH0jwFhKMx-sf6eLYLxPJel_c0pKHFbuMx8vN0
events
analytics.leya.tech/ 		188 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.leya.tech/events
Requested by
Host: cdn.bidder.dev
URL: https://cdn.bidder.dev/clients/21894097782/lebanonfiles/sa-script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.145.108 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
108.145.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2e7b572fb8c157fa128e3ca13f7c7f904176c4f59b010a8e498af74cd5891103

Request headers

x-api-token
d72dc3aa-077f-4497-9920-7fc4a89fa510
Accept
application/json, text/plain, */*
Referer
http://www.lebanonfiles.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
server
UploadServer
x-guploader-uploadid
ADPycdsAejxwz-SocwqpkWCRT98Pnh6caKbYK2BHSyJUSI0SjChwLE91t7gHJv-Rju5UeyvLZv12vb1v_gqT3EQE4cKEcJnvO9qE
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/xml; charset=UTF-8
access-control-allow-origin
http://www.lebanonfiles.com
access-control-allow-credentials
true
access-control-allow-headers
x-api-token,Content-Type,Authorization,Origin,X-Requested-With,Accept
content-length
188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
view
securepubads.g.doubleclick.net/pcs/ Frame 3D56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvjLBjqC8NZoJl6kBNgs6XVJIvv-rh_pcKSJMZSVCnKE52upySzqTEnR6KNkNafC7NIvDKYvRYf_8i2DI8Utj6a7jHmMDC0aDu8aS0vJPhHA0VguOW72odW4o-WYwhUzgnSKa3CChaMh2a67BB-6veHKWsDOQRwLaMbsDBtV2PelFCefvInlht4lpyDZpRogapy4BXGkgYUm0FVaO5558ApyCtiBLP2YZMZTohPn6Ml8HtdR0o7bAu_PEytYT0dyBSIvaZ1vS1rBgExu50LdZboTcq8LazaJjo6vcyUL1ikkKFyWrWUvXxSEw3eullE3g5h6UH8KCqLyh6gGC4I1B3pr_a8Q&sai=AMfl-YTzjNZNm00klAqlHYqcBLMSbzp9SxKd6MXUZDtFfN2H9IAzwrjLXGWWEANfBm_NaVFCnXAzmD7OVP4dFsOlC54jFdggRtV4KfCj0RY68Z8XQk202rJUxjSYZ6C4aQ&sig=Cg0ArKJSzEo1qPTRTETwEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5ae2b18203325ac2876b69455e08e3eefa59a4dca46ee55b033f1fbd80b28b5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2022 10:57:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6357c112-63df"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 07 Feb 2023 10:22:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D56 		157 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 09:22:35 GMT
container.html
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DDF0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:34 GMT
expires
Wed, 07 Feb 2024 09:22:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D80C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:34 GMT
expires
Wed, 07 Feb 2024 09:22:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B790 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:34 GMT
expires
Wed, 07 Feb 2024 09:22:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7402 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:34 GMT
expires
Wed, 07 Feb 2024 09:22:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 46FE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:34 GMT
expires
Wed, 07 Feb 2024 09:22:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 36D6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:34 GMT
expires
Wed, 07 Feb 2024 09:22:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 48CA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:34 GMT
expires
Wed, 07 Feb 2024 09:22:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 860F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:34 GMT
expires
Wed, 07 Feb 2024 09:22:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F8A7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:34 GMT
expires
Wed, 07 Feb 2024 09:22:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7930 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:34 GMT
expires
Wed, 07 Feb 2024 09:22:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E2C4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:34 GMT
expires
Wed, 07 Feb 2024 09:22:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ad
v.lkqd.net/ Frame 8CFF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=88028436&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
887f1d860f0610fc4a0bef91beb2a76bbaadcd627fd351b3f4ca7001387bb5d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:35 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml; charset=UTF-8
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1405
batch
services.insurads.com/dfp/mapping/ Frame EAFD 		4 KB
715 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=2490&requests=[{%22eaup%22:%22/21894097782/LFiles_300x600_300x250%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:300,%22h%22:600,%22eId%22:%22main_lfiles_300x600_300x250_0%22},{%22eaup%22:%22/21894097782/LFiles_320x50_320x100(1)%22,%22w%22:300,%22h%22:250,%22eId%22:%22main_lfiles_320x50_320x100(1)_0%22},{%22eaup%22:%22/21894097782/LFiles_320x50_320x100(2)%22,%22w%22:300,%22h%22:250,%22eId%22:%22main_lfiles_320x50_320x100(2)_0%22},{%22eaup%22:%22/21894097782/LFiles_728x90_970x90_970x250(2)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:728,%22h%22:90,%22eId%22:%22main_lfiles_728x90_970x90_970x250(2)_0%22},{%22eaup%22:%22/21894097782/LFiles_300x250(2)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:300,%22h%22:250,%22eId%22:%22main_lfiles_300x250(2)_0%22},{%22eaup%22:%22/21894097782/LFiles_300x600(1)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:300,%22h%22:600,%22eId%22:%22main_lfiles_300x600(1)_0%22},{%22eaup%22:%22/21894097782/LFiles_728x90_970x90_970x250(3)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:728,%22h%22:90,%22eId%22:%22main_lfiles_728x90_970x90_970x250(3)_0%22},{%22eaup%22:%22/21894097782/LFiles_300x600(2)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:300,%22h%22:600,%22eId%22:%22main_lfiles_300x600(2)_0%22},{%22eaup%22:%22/21894097782/LFiles_320x50_320x100(3)%22,%22w%22:300,%22h%22:250,%22eId%22:%22main_lfiles_320x50_320x100(3)_0%22},{%22eaup%22:%22/21894097782/LFiles_728x90_970x90_970x250(4)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:970,%22h%22:250,%22eId%22:%22main_lfiles_728x90_970x90_970x250(4)_0%22},{%22eaup%22:%22/21894097782/LFiles_728x90(1)%22,%22eoid%22:3026446051,%22advid%22:4830452331,%22w%22:728,%22h%22:90,%22eId%22:%22main_lfiles_728x90(1)_0%22}]&h=http%3A%2F%2Fwww.lebanonfiles.com%2F
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.9.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.108.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-108-144.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
33404034c86e16b1af53dfb4b8231e13b4508fc33ec51e21381eb9a99e38b7b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
css
fonts.googleapis.com/ Frame DDF0 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 08:08:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Feb 2023 09:22:35 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame DDF0 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
30848
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:48:27 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame DDF0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CT1_fWhjiY-_iGMH43wPfs7HYB4ijq-RuoeOv1owRZBABIIbo5XVglcKmgrAHoAG5ysWKA8gBCakC9oRnZlv-sT7gAgCoAwHIA8sEqgSXAk_Qq2gnRhk15fgNWwvU5hZ0yYJJ6D7R8mkb_4fnhrkbLiI9Hpi_pyo6TeEg-g4EXJaJvnJrUh6iuNIA1UBxOacyYSNqQpvso41lkdBTsg0aKbPL51tvc1cdbiekMjT62WNA_-rqjK8Jc9VGVuR4AwQEUxV_4VY_To9g_oBdYKSZF56cMFU5BfA5X9k33ibj4efPvVOq9ca6KquqQ9LJbw2nCD24yaBrM6hvG7pBqBciSevS90CJipHnIUOrtEVfbzYDihD9bBejLKQdL86JAxzB0unPaKbbAoWN3J_kunyLwCIMFwDI8Zu1-nzuymOp-a5LBkcHBp6smKqIXie7XwjycTjKx5hIbAbwuWEYAK7NT8jDmKtAL8AEi-7A5p8E4AQBkgUECAQYAZIFBAgFGASgBi6AB7nfwXWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCqpwHSCBEIgOGAEBABGB0yAqoCOgKAQIAKAcgLAZgMzv3Pp6IEuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi04NzQ1NTkzOTQ1NjA4MjAyGIT_dA&sigh=h207UYzN3eA&uach_m=[UACH]&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE&template_id=515
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame DDF0 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
31024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9012
x-xss-protection
0
server
cafe
etag
10578598109654303351
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:45:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame DDF0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 08:23:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame DDF0 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
31083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:44:32 GMT
l
www.google.com/ads/measurement/ Frame DDF0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9eb4ofcKDgyPayDIcnY1uviqqRuYq_gN5VJfMjvNfU-dhqHaWIvYTD7SFxZBo3tdRYaISwEZC6x-46R6MTeV8VY4ShQ
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DDF0 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 09:22:35 GMT
8aec859a266e19fb42fee7f82edeac28.js
www.gstatic.com/mysidia/ Frame DDF0 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 09:19:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14079
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 22:14:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 07 May 2023 09:19:41 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D80C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRQLsWhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSkAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakC8wu4Op97ZiN3pBhyO6XVRjgMAMb7VFOV2jU9JnPOxWJWu2qGIngBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg3NDU1OTM5NDU2MDgyMDIYhP90&sigh=TNQM4Uolr34&uach_m=[UACH]&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame D80C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g5jg48t1566yjm6m2z2f51rbb982yqdmfq6418t7gdyc4tx6jrpy3v4b6xdzb7r1hgbwkcyh6zw0fjmxmrd36dnkaq61mbyjahts4eqgqtvd5agnnf7yxk2j4e6700e8wjr1cgp1x8vh1kspjastpk1qvq6jqsbp0t3vme0trycs3ej0m0s5xv85tc7y1cyj6vw30de0y7axqytbmw0hhvd69adeacp8qmcrkxtyjngjjr68xnk9qk5jzfty7azd5tj895w5rywng1w1fwhdzjnjwkp6je54xb2mh7d8c1pn1wverzzht2xx0xyz7hza8d8tkehpf9pb40t3raxs12s6eme0hqm6cbab6v3mr0kwt7m48av0mh8yngq3f4n6m82jm198nzsarr&b=Y-IYWgAGMkAKd_xBAAxZ3wovEvCU2WhOKA9sMw
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 13D6 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gy1rp4zh5rhk2nswa66b3mgz6eg7c185gq7mn8sz2p6zgd30cnw514mw5m5erbgef8ckehv1q33btssc0x3b18kyjb8fh3a38hwd43s30sx87xzb1dg63fz8xbfq01jqk69f6rs27z0t8d1x3hd9bbjh0qan29e0zk50dn50ysw7x9pdm059t1c1phzhm1dn9z4b2ap1v5tfbe09vrh1mkyyxmkwzjeg7kggx9bfqbmsm02te8vaprhbqwsvkevmzz90xbvtyy8kct9csakvzw5g7m7amtkqwa9n7jzvf3xgg5khsdk8e2wkxkk38zmdhv0zx0jegsxv895kamsezq79bdrwhpyeggzrf7rnx8yefyca0e4vjc8am3jx1ykv03hj05hk74qdagpt25cd7anes7s5rhq614s53arbrrfjsr7yjd4y3cb1z0hvpbz8vwntbv8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f2b965a8729713a9478d3e2e6e28b968212fb21d3779ce83f33d5d7f49f111c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fdc6a3f8fd0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:35 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame D80C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 08:23:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 746A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 14:43:17 GMT
etag
48472445140208031
expires
Tue, 07 Feb 2023 14:43:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame D80C 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
31083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:44:32 GMT
l
www.google.com/ads/measurement/ Frame D80C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRM-Hub8nNlImOSDotZ32XZxLqbzvrSivEHODKedk-gy2Chy2IiU0gz1oXMfBFFLDb3_juUL2trIkMt2j4cFppdHMFgpQ
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D80C 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
511216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Feb 2024 11:22:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D80C 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 09:22:35 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame B790 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMZ0AWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSgAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXkjYM2U2_N0P-2UxikAmkVsa8ymInh415G9zekWju_xuyabJIM3veAEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODc0NTU5Mzk0NTYwODIwMhiE_3Q&sigh=QPe2c1sPMPA&uach_m=[UACH]&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame B790 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1h0s4d9mjxvttd06a251r4mkbm33c2g2naggge76sz79fcadjynmcdett27pq5rxhcb2ty4j53n61smr233d3s7x2drsvw9780j4wdhy9ym6cec8bk6jmxnwqrz7a80vtrk41hvekh0kcg276wmgnwtmgda0zhb4e25xt4b4d54n4v67cv3dbv8gysft0he5g7s5q0928gbz4n2ryv89xb673ct9wscpbee3dbne0r6zs845xgv2j7e5yzmya2g79rdx3d8at7ym2jk5gv76qj5vbm7td1wvmjpppj42xqmtdca5htnk234w11c8gemwf7kgz8np31y3yzgtk7cgfaj74ddtqbsjqc507s5n6ew1myn1xykqf1pb8cex73277b2g&b=Y-IYWgAGMykKd_xBAAxZ3w15t1qnbnR5T8N1Kw
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 43AA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gz1vs1272vt11sh27xv8v5zcf7jpff02a5ggqmkvt0sj2cqcqe0d9x73359txh88ygd2jgapcpwhp7nqqtcsxpew7tycar3ysd7mt5j6wxseetnv5qxcfh3wjnvasjdn0cx46kkkgk9shhy9mpdbwyjeyrmyhz2d73xr4bz62383tq5603g0dm1wg26y0v799r91r6nk483jv5eg89a3vhmcdev0423anhpznszjz0gc5v9stnca2vvrcah97ps1ak0sxtrkc8phqp7re26xjr207p7twtg9pz7jy36pf2cn8pc2qmtxe4ekj89xt884tf8zdpj4fbbgmbzy7x3n7dkb6710qkds87ytk1f23ppr3bjymx1hvmfm78aqjsqv06ks7f5c6fhav13tszwam68ctdc2t75c0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d6a8d60f982e74efc951e59383c99f70a5082e32e5623b429f1930bb2162c6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fdc6a408fd0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:35 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame B790 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 08:23:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FB53 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 14:43:17 GMT
etag
48472445140208031
expires
Tue, 07 Feb 2023 14:43:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame B790 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
31083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:44:32 GMT
l
www.google.com/ads/measurement/ Frame B790 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYjL6RcntAi4KqY3mgL1I0Y8Ff1XxNiEVN4pDCcfe0Lqb3SbSTU8QEV3Mzo9li_XYrmTHW12uP-8TVevg_mVL5JMu3YQ
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame B790 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
511216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Feb 2024 11:22:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B790 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 09:22:35 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7402 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzOFmWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSWAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqUmGoY7fhRLLKg7XPa4otiEC7TPYXDTWo2yHXNneM0dAIX5qwePO4AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi04NzQ1NTkzOTQ1NjA4MjAyGIT_dA&sigh=my0p68-OC9U&uach_m=[UACH]&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 7402 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kejh7smr45509s13hwesjszx6276h88n6avf11zfgcay23ev1eqywrvdz2jxxyvmp0wy91wje58e112zc713pmv1x4eq6n7s7y19eykw2zvqp71dy7bwhcsd0gscd0r344ekk93qa3g82vswbp0mph14dksntje4ga2aqvc5rqsqmrwaskefj84fqydp9cwhf3wnbktcb5az8pzw65bbfhdwr3ma47w4a4t27s0z3tfb4psdp7qbwpwj26j08ymf3fbq2vtk1e8p4vrf8ddhddeqs01z8bm5jjw1a89xy9yjm23qdkrynvbyn2069hpwdrwpnj3w35x0nn510xq9a0bhg7w98maj5an5jjp9rwyfwwrcmwedcgzqbk04ca65z81ga72dw&b=Y-IYWgAGNDYKd_xBAAxZ3-hX3zkwTTazgXj7pw
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 10C2 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kpm7581ve6tht0mzzsjhrb8afzf2v73hrd1d26n6hr9wtf3j757brj0b6cakjf9fyjd03h058qx4khzh89921t5242xyp785vmytxyjk19gnn82v5zrprzt63n4nm7h1k3f5q5ajbkv90k1qe450eh0th8qm72r65a64vyx8zbhex0p414hfaa3k21eaxd8m6pdw50g6ddk2xtpp7j9x45e4m9zatz92mt34eadr8px19q5jnqsgqd81r9xetphmhtvq0g8k8c1bvyxmmtw00t9hrtt6rs4s4ba8mb78wpvdy1ha8y47n9j1ehej7f8mj0zqz9tqmzdcb9zpcsa988j5c2pb1g2krnxm0t0y7bxmz5ppxtd0qrfx9z7cyd11hf6693typkjf5a1ar1zsa32hgje4q061hf232xqqnmf8epgfw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23e19e7468c1fae67aff80842bacfe5142cdb7568dbdee994712b04f1e8daf26
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fdc6a428fd0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:35 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 7402 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 08:23:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E520 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 14:43:17 GMT
etag
48472445140208031
expires
Tue, 07 Feb 2023 14:43:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 7402 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
31083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:44:32 GMT
l
www.google.com/ads/measurement/ Frame 7402 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQlA1DE6hYDh3cW6NZHGynkVypxhyd8J4Mb7sF05CGL98WuDQ9j8_vpYdMn4q_xddmnzpA-FPF-qrhuyPsxnhnD9iikg
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7402 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
511216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Feb 2024 11:22:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7402 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 09:22:35 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 46FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C6cEiWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfuO0Q_upqbMpW4DC7xCgToe2qwa9QqaOD9PTH2JbHJmrikfFETiPuAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODc0NTU5Mzk0NTYwODIwMhiE_3Q&sigh=l--VarGdj7w&uach_m=[UACH]&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 46FE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hfw9n0gx49dx11a62y5axaw4wdv8fq177byqyzy34c6s39rxr2yx4q84kehzxpa7sd5518ffaep4kjbyy1m8vd4jzvtdz9dvs1z5ctcdf8s3ypqttshnjbx5aja3czra5m02fkydrdc7qjxygmzdffr1aafyt2h2asdwe91kjtbbcea4pa2txhxqpyfmbm38vw6geecsasb5wzyygd2eezfjba7k6ajet890q6pgca0n73zkc2gf6s4g3kxmb6khj8cfskbam4r80nb4f7xhcmre8ezkmrey7vhnawwc7yqs1dn1a2c55hcnttx9d4hkkfcgqhnm5v23hj0spezfyjszqzr528a13ka7mt4hzvk2cqfr1wse4q329fq1jbkbxrex3bkg03hfdg&b=Y-IYWgAGNegKd_xBAAxZ38gkQmLwHinzrc2Ttg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 5795 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1g5xv36gdqay1vvr7e1gh2rsy5rk1k6ae2hgd5by8930acta9ng34v61v9ysnphch4emn00x04zdqq117qkd9eszx7208sfd1ayt81zk10xg7h251bk9abk3dh250dvgq8ws29dzzjpq9q28bcabjz2jfqz0733702hspf52kz28p25s2a9v36n4qxx1erw30n1qzvd4vdgxwpmhe729zw0bnf03gwb3tmyargetz32nhfae469rv66ydma9d9hb41gf427e60bh60qnz2f1v92ea722sqdcejj1wv80eqkzj3c9e5varm5h3g1a6vw6sbmtbfq8nrnb2r6pyszxcfpxv97czp9y4vvs050wkqng8rehpx1jxkky6wvvwhszcn5m9hrjfwx0h9v7vz23hnwbkyfzpyqatrhdqsn5frhcd7gqfv1ahwjjb5r2rbthrf1nf9jy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%26client%3Dca-pub-8745593945608202%26adurl%3D
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd03d839f8362d4b7f37510aa3de0dd701a74d38c7a45ed74af3759fd201266
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fdc6a488fd0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:35 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 46FE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 08:23:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BFB2 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 14:43:17 GMT
etag
48472445140208031
expires
Tue, 07 Feb 2023 14:43:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 46FE 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
31083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:44:32 GMT
l
www.google.com/ads/measurement/ Frame 46FE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLAem8VqHFM4uuP9-l-1j2x_6pvwYO64USHekIpg5CJaBp9qM0tRXtFBz3rPsXeHYKY4bnMYz9WNEEybCvS-430DAdJw
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 46FE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
511216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Feb 2024 11:22:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 46FE 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 09:22:35 GMT
impress
ad.vidverto.io/delivery/ 		64 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.lebanonfiles.com&pzoneid=7471&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.lebanonfiles.com&top_url=http%3A%2F%2Fwww.lebanonfiles.com%2F&domain=www.lebanonfiles.com&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&referrer=&async=1&uid=3567503963
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
HTTP/1.1
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6e1278b38e7c2121be73587285a735bd9bfaf83c5a8469047adc256146eda3af

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:35 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
adview
securepubads.g.doubleclick.net/pagead/ Frame 289E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CwY7BWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSWAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGqzqrGNf8ucdVznwq0Q1RRX5F3K3XqCib8kqXtothU-1dfRAt_H5h4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi04NzQ1NTkzOTQ1NjA4MjAyGIT_dA&sigh=aXj-4N9ehMY&uach_m=[UACH]&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 289E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1khzn6n6qcsv0sz585f9x69j2her26h6c57waqb8a4mfr96fy4ke3hnr9a1kp12t7yv8t24n9x0c8qec892cn2j6ryq925nszpgww34eqt83x51f9np1cz8vszmemz1ydrhg2naj4ek626d3h41n66ekwgxtz6ky54j5cgjdacrzzqq7kah3b4jz9nbnhychzc5nar4yxph7zy5z2wb8m1r1ndr9pf3am3z6ytksfq056knwx9mkkr78v074zpsnmc6vtpjxqb9zknapvhcjdyks8ygknz5wqvd6grc8f0dh1w1pryhvgkgjknm82epmctpw07p3wnvxm207mv0cw6xqf4shvmpt5g4n0aqf0c8kv4qgmke8dnakzfped7qkr2n0&b=Y-IYWgAGNp8Kd_xBAAxZ33Z0E6KbVkBMceG6gA
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 8A0E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gtqdn7wfn7a1qfhh69zgkn0rr8jjfz7s22ee4tetznm5y7pnwqydg1c93g9d37z0n2vw3tjwg94m254178bpxrkfefjw1jhbb461v3nwp81gw5bhbeqc0n1acy4pt3byqpx4mxxmamb5sww7e2vk8k30ak9zr701tst8hw650wy54hr1whengn846mqrhcjsrjbk397q080pq6hepypdb51p5e3ezgts0364krmjgn8xqqa0t570mh05m3eddastapmf2x6kjevtwyvtp9jxjc623n5cc3n7mme9w9z92696hnfxqj170edjgmj1znk1bbfb10eanrnn7ae3v41jg4kjavwy7h6za8s51cjdt6psykje9nnsnah6eey32s5jfb6r0bccjxe4cmzqxjr0rmycsdsmy6h9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%26client%3Dca-pub-8745593945608202%26adurl%3D
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06e30a4ff3956e1831c687d46b06f646bea6f5a9611bb8e51d6f010e95de7ca3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fdc6a438fd0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:35 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 289E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 08:23:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 35D8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 14:43:17 GMT
etag
48472445140208031
expires
Tue, 07 Feb 2023 14:43:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 289E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
31083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:44:32 GMT
l
www.google.com/ads/measurement/ Frame 289E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzl8N2Wh274Ea8dlQ28cvZNJiuFHC4xb3l9oCDYDkQ-Uzui66K-_VSZ62Yzks7OUfRdrpzCCogh-Ap7h5-C1O8b8-0xw
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 289E 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
511216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Feb 2024 11:22:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 289E 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 09:22:35 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 48CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUClFWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe4jgvp-8wNuRYuAxN6IW4KTWYn2SDqEJWDdGKLeU3GzkDHstdI7J4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshccChoSFHB1Yi04NzQ1NTkzOTQ1NjA4MjAyGIT_dA&sigh=0PE8sPi2ttM&uach_m=[UACH]&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 48CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1g6j0te6txtmfw3szy8kr77x61can4kavnxaagccya0pkm7y3faksjynqj732w6azzc0w3qk8nga9qxvzvdrrtp87d8x7enmdqvx2bdjhxck2x6mxhax0hbxpt2kgq4ah0ycesvt0e6ymgdndx5eb3prkrdyvpr5hv8r30dxatw3b05bf6ag7f0ymxzmw4w3v1edev5gnej5p2jpb7j3frns4qhhkygnec6t86tq820crjbmf50jhejd1rhyzn75b7qz786andk3djezqkscntnhc1hjd6k4yn7f6ytpwnbqrqqsst2d20nqycqkawfdjd8xtf9xtqvvxh36r95rnp85x372f7me5xk3r1c2nvxjcjms99jfd21gsntdp01rnwk0hbtvg9yhh58&b=Y-IYWgAGN1kKd_xBAAxZ35xwebeV3PboB8x5CQ
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 46C3 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1g5x3trv83pwpjafcy4e9nx9f55cj2byagvcb3ekh9j1fqgj2208qw2br42r275wpy0gr3hzw44czzd4kjp0d4eqqjyqbx3vrefzc1pw3pek6zdwfc8a8szk63873vmcygmfbg2rcxcp7ww7yeyzc6p3q77t83m138atd437d83wergr0gp7kg72th1jz5k5hd2dbgbf3g1vjh69bze27nzsaqnhdgbtt7e2p7qx4g10a6ns4hnxnkkwq5dq29rwkz30tnwxvj72bah9q3p6qn4dvham6bya3xp8nyxjy7pbpt1fdm92bzvtng8ncaf5tazxspr9p92vtwvfx43d4zeynn1b9r3w5g1mk60tbwtt5sbh49fv310pw36ww6q86wnqyrf5s0b0e794bngzw22v37yy9m4txxzgnxv2sffm2xtja18t609n9ky4me9bybg4cyk7ew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%26client%3Dca-pub-8745593945608202%26adurl%3D
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a27bb03bfbdf5aae1de24c645b7b017dbfa3fae6342ccfd917ed2b70082f834
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fdc6a468fd0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:35 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 48CA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 08:23:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D477 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 14:43:17 GMT
etag
48472445140208031
expires
Tue, 07 Feb 2023 14:43:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 48CA 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
31083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:44:32 GMT
l
www.google.com/ads/measurement/ Frame 48CA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMpjGht6A1hK3MKWIUu85rFm6fwydlmDLANT8o3Xm80GWaFHvvgYPyz1tdRuVtQ20rTY1tvtmu_dJufkMWzG49vwhMiw
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 48CA 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
511216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Feb 2024 11:22:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 48CA 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 09:22:35 GMT
css
fonts.googleapis.com/ Frame 860F 		8 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 08:08:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Feb 2023 09:22:35 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 860F 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
30848
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:48:27 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 860F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuV0EWhjiY7zwGMH43wPfs7HYB4ijq-RuseGv1owRZBABIIbo5XVglcKmgrAHoAG5ysWKA8gBCakC9oRnZlv-sT7gAgCoAwHIA8sEqgSXAk_Qo9eNDLeQVMEMb_0HbAjXJEIRaeCc1r80Ain_4JZxW0ZoLiL-MhduiPNgvqsXxYkb2RRm8DKJFhszORzCTZzos0RWfOiGmXzWRS63Ndf2exJMUrQ_xzlq0cGpRFXZ6Po-MJ9XzKcVErWRhSyN1HuTAKSg2v_0aStdVbLpNSXk4MiYZJrl0DFz6Fua74QlU36VMVE42uTiUExypJNWvhNEGcmtu1FIGjYZpF-YV9i9TR7kHT_sths9vFEVnyihpQjkROapV8fbA4TCoXms60yI7RKB6E4GOxuYOFYHYLD5YCav0jQnSNx1AFahWzS0IuM3Gu9jHKggJA4PE3NRtwN-baYTRbN6d_-M-qbWIH8pghOQy4HLb8AEi-7A5p8E4AQBkgUECAQYAZIFBAgFGASgBi6AB7nfwXWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCR0wHSCBEIgOGAEBABGB0yAqoCOgKAQIAKAcgLAZgMzv3Pp6IEuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi04NzQ1NTkzOTQ1NjA4MjAyGIT_dA&sigh=-7T63l31CYw&uach_m=[UACH]&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE&template_id=515
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/ Frame 860F 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/abg_lite_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:45:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
31024
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9012
x-xss-protection
0
server
cafe
etag
10578598109654303351
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:45:31 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 860F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 08:23:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 860F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
31083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:44:32 GMT
l
www.google.com/ads/measurement/ Frame 860F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQA25mj7wXGvrD6Teh9QLE0VMGmkr_IAXZbqiV5MTIKQ1F_UDF0s7jdt0L3FfG6CGcuOzzwYix2vFh9gzghDEBqq8sb5g
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 860F 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
888fee914ccdd03fcf212b38e80d9da7fc579582e50f886462b139ee0ee9130c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675690092087710"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 09:22:35 GMT
8aec859a266e19fb42fee7f82edeac28.js
www.gstatic.com/mysidia/ Frame 860F 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 09:19:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86574
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14079
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 22:14:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 07 May 2023 09:19:41 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2C56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJwL4WhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSgAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf78Giw7k_zDers0mLYq5dZnhuOptX4aKGZPHX4e9vYGwWy862j6SgOAEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODc0NTU5Mzk0NTYwODIwMhiE_3Q&sigh=BsAIlJ2lWR8&uach_m=[UACH]&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 2C56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j27vnqrd4h218x7a58fsdpa15heksfpsfjgdf3f71ca1cxgk9a1vgev8wgbk6269emadbdk5mmkfbzx5hz1qk8drftdjz94vjqr7kcax9r42kmreva4rereqstc7bw7rvq78cxn1pcstrfness5mfweyb2xqx4xzsvtqnv8tbp64y1jy7ngddrq2s4ekb0z07y81whrgq8wcy06az96n8gn6yad3a1ergv1y0sd5gk8pn21egtjqtc21crsrrpj542ze9597mdtkvrd0yrdzm505q4tqgfhm8qsr1mdt13jbr2yj9j2vgkh5r5fhxdg42h0093nnv2vc6skzg5ttrs0x5h9gz91af79k88d607x9bx45rcbxxd8k6s5q98ctg99479z08&b=Y-IYWgAGOQkKd_xBAAxZ36Si7-Jze0Zvpbc8Tw
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame E2A0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gqdt2050ypgad3dvs8nrrw5vfpvpbzvxzfdphv9yrttpkw3wpf67gfg0qyt5sp9v9fa968q81d0n3y47avdt1n8vrbbdxgqg5yr16gqjtrdp82fkgm990z4ny66jw25y46b9a39tjnpa05p8cm4tws03h59ts5gnrkjkbwyz0qyjsvdyx0agk7j743pw17ckfmqcaanxh81bcxctz80nbv9x70syb6rw8gcdrv842x5ww8sp7a2vf80t1ve81bmxan5j4cjf64c5g3713yfq87djkya812jeccrfwqqxbm4tsd8fw92rhjkh353c4sj3m0y6gb8rv4eyz727gecpajzcptb1qeb363w5fj6bf129hpn7jpr5cchvp6bbcpner21m5rjqhd4d8g33d4pg8qrrecrasq6zpd016fwyem9wq0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo7ZJWhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf79EiS92KMlZ7gWhZRxjPAsTgf5n8oykAU5Hnc4vRRWudzfvBqHSSN9ZY-AEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0eydoCOmNS9PMvixd6cclmJyvkNQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59dfc4f44c65ffc10d2caef968407d533dee7adaf9efdde7fd8c8d9e3184f280
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fdc6a418fd0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:35 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 2C56 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 08:23:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E7FD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 14:43:17 GMT
etag
48472445140208031
expires
Tue, 07 Feb 2023 14:43:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 2C56 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
31083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:44:32 GMT
l
www.google.com/ads/measurement/ Frame 2C56 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSDEdkxCKg9RIG1IM1TxlVxOkWXE_k-3RpVxQV9T7Cp9kofGRzaq62lX7rpmgOJe8gu9KSBeRdYr7_evv8GU7SW9pPdnA
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2C56 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
511216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Feb 2024 11:22:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2C56 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 09:22:35 GMT
5229109006254147655
tpc.googlesyndication.com/simgad/ Frame DDF0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5229109006254147655?w=100&h=100
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c2dd0672ba3f44ee8ef4c238f92a610dfd4d9aee27f17e46f4bf0d4dd4bf5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 05:37:26 GMT
x-content-type-options
nosniff
age
359109
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2050
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 11:38:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 03 Feb 2024 05:37:26 GMT
truncated
/ Frame DDF0 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame DDF0 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
5229109006254147655
tpc.googlesyndication.com/simgad/ Frame 860F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5229109006254147655?w=100&h=100
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05c2dd0672ba3f44ee8ef4c238f92a610dfd4d9aee27f17e46f4bf0d4dd4bf5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 05:37:26 GMT
x-content-type-options
nosniff
age
359109
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2050
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 11:38:54 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 03 Feb 2024 05:37:26 GMT
truncated
/ Frame 860F 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 860F 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
adview
securepubads.g.doubleclick.net/pagead/ Frame 7930 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cn-XYWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSgAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB3_61waOQzLRziO8JFS-bZjy9iroLb6StZCAE6SNDv6epQ5mQaiXeAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODc0NTU5Mzk0NTYwODIwMhiE_3Q&sigh=eHRnPohwtKQ&uach_m=[UACH]&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 7930 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1h4gwppt8gkqffj06kj1g9njpvwfvjx1y6c647em45vmwzscfafv634j9dghxyzgm1svrga5rahx1bhe14ddjx4rf3qcfk0xda0nkcv673kr4pfqr3sy4w05az9x05mk06v0hsxybbh2bxpap6sjyrvx8tpe3fs88v01zeb1ddxp9342tvhyky5v865vk4e2k7mf2gt2rbchzdwpgqnc93nhz5hx9g7deca9zevhxyg6b7vqz6xxvbkwhsj01r4rta2ptkrzh89254efgrkksjpxansk640bcx0d6v9n782bjtdhng6zt5s9wyyhbks59x60zg9zj2kf78mh768rjfmsf60t9q6ez5wqaf2xgp10qgy1d45mn7bf3egdah0xb66zxzv1jy9wkk0&b=Y-IYWgAGOeYKd_xBAAxZ3-nLIJq5KixCatO-Kw
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame E20B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kmz842rnxwkjqpas3dm8t1s7f874z3b7mahw3mf63ba679w0edcwp036605hn3bh8j6k11zjkggv6787scp460t3wd57vsmrfdrc97a08ccjkd3mb3mw8bx51pcna2kb7np68qmzt22mzvbrxhgpjkfw0tpjbvn07wmawvtdhpxaxknep1jhwnpc8yt8t9qahbyk2q2z2ygcjvx3k3f9z42ey9jwzd9kkmd3c2bn9xvfc5jvv8kj44m46h8d0fw9n3qtsnv8gg86cq7jy822851hg6q8gt9s13hs27yhttp0pbv261z3ecpb1y297fc72xf35xpdercvd7hvbp93tt2wgw9n00mpb4vbv67bwta5hjdjbmgqpmb3wb0j3wt5469tfrmwsdnxg4fjxqv9fcq0h6acdeggjnet31jx1zq43ea3q6zhczz0dvxkj08479653n7s8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef05b8ebc1004c4e14dc8e6a0c39e123f944e987c702ba484d1d8dd89a1f56c8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fdc8a598fd0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:35 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 7930 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 08:23:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DC51 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 14:43:17 GMT
etag
48472445140208031
expires
Tue, 07 Feb 2023 14:43:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 7930 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
31083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:44:32 GMT
l
www.google.com/ads/measurement/ Frame 7930 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmG2RYrH9KRfIgwLvhBXXgIKWrI6TBz8mQ6WorgW5862w2DNDOckTWrVe_kCO1EvBdcOwJ0X6rP9RQtEX0WHvDKpCwZw
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7930 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
511216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Feb 2024 11:22:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7930 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 09:22:35 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6C47 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBntTWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSbAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1TvPKHHrOzdFwuvjVAvRcMJ0BFf3iakD0JZ5tvWFMJRRWpxOD8g5XgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg3NDU1OTM5NDU2MDgyMDIYhP90&sigh=yJBJCZGr_iE&uach_m=[UACH]&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 6C47 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gb2bd965kqt6xc6hj75kyjrpqxfc7tyg09v25jvp0czxfqke85nj0mnvff12crw3jyetfnt5wyw16dbwy6h7dvrjahxzw4r9ew417g9c9g600q7fjqx5313pz2kx8g8mxrjq6mes97xyt942nh1bsg1a5wq92kxce307sb04gq4t86dz2739m2spe95wrfvta5dxn1e8k84xhgqjp4xhe17773nxwna7rjs3qajsqn34r3r34dqq8kgmmmyc6bsmktcpk077gaq5wg8xrj8d0pxdsat9ns8fxe0bqz3wkznxwvjrjm77y3bsyr7dkbtky6bvb5dbz0r2ybrt16ps7jsdrxr2a6hnza9q8e91y1fjezd3dcmgzr95mzbkay34kxm5z961xngymr&b=Y-IYWgAGO3YKd_xBAAxZ3xRpFPBZiWUjtKF6wQ
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:35 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 5989 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gmmahp0aen8stdzahve9jmdkmqaj98ks1f8p5hxjefnty55mdfgm9jsmmymhr307qkvwkd9zwr5g10awr9frgv7c8akptfj4acxd39pjs843yfndqz9s4gv097ahqnj3x7gws0m2s4f4czkpskrg1fgyr6f7pjsjre72zxze4rsgkcqescb8dnzxbsf44bw9efk2gv7pyj5419qx4e325nrx715pwqwb2gbh74tdtc85hs0bff3m0jd58j15vt4mf2p5rdd3agh2zpqwhtxxmetzx8zn9mdbktvkva3vzhngpd4pp8ecwpdj7yawy859z94wytamhn3t39xc5nafgvas1v4148nbsses5ggaxdwdk2yybemc74ajbmefwyktyx0jbd14rvyh6ak4bkxk8ty98jh5j1b7h6cpv10p189qsr6y88szehfsamwkz9xgk9t6expjr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7acea864afd4d1426c342c1846d6f83cf118620398f8ab66deccd1370ade89a2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fdc9a648fd0-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:35 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 6C47 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:23:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
3565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 08:23:10 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 08D9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 14:43:17 GMT
etag
48472445140208031
expires
Tue, 07 Feb 2023 14:43:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/ Frame 6C47 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230202/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 00:44:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
31083
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 00:44:32 GMT
l
www.google.com/ads/measurement/ Frame 6C47 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7ZnzJf6hYL5zpB1xPLDjwzz6PvdBvctZNt3sfzdHdqP8TWjIYQBfaKmBfzXEC-OyMZUWVpYweedKaT1mJRcmOC3Z2xg
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6C47 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 11:22:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
511216
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 01 Feb 2024 11:22:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C47 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675254965429469"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 07 Feb 2023 09:22:35 GMT
truncated
/ Frame 3D56 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e09622d5cdb5beca30aac356226c657df7421f221b4467484c1c2fbfd9c024be

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3D56 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0lGyUQfXzTX1Lb81ang4TJdu_UysTdg7XVtKqFzIuWF63obpP3RmcrmQe9yvCUZAVV4I4xsCoQjw1QecwYJ2TY8dIlqpxqzydh1amMmK8Y30pL-nMzcPSkaOVqO2T-Nm-N-2spw5QIxZBOZVABzyHXc1I5rtzcGaQTmGZZ0b2ZM9nO9eaA1NymHj7Lgtm7S4AqYGOxXpFv5VK2c9XXSsi26VblMuq-5Q8v2u7KvFjbNXS5gWmdpL7UjSlY0EN3s7ZSz5szza9HrarVJNBIeWwjQJu_hWOgZjQmGqy_95KgfzNnmbiRu0VR2osky8VcOBwjT8v0iAXkw&sai=AMfl-YQkIwrwbmy3P7r17afcT0uMmPqoQh0zIl3sdFPsvnt82Ln6WaxGFNzQROCpChzOTPrXcM1Pob9haU_ZgTp8YAvohLVOuw9CZD3tY1dsY_CaYKQnxJdBos0d_Il9yA&sig=Cg0ArKJSzAtEdDvfqVfFEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 07 Feb 2023 09:22:35 GMT
vpaid.js
ad.lkqd.net/vpaid/ Frame 7338 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1675761755.cds151.fr8.hn,1675761755.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
moxplayer.css
ad.vidverto.io/js/moxplayer/ 		51 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/moxplayer/moxplayer.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-cbf7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 07 Feb 2023 10:22:35 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96653b9b6b919a16dcfce983c42fa78193d2b2e5cec34cceb23a02572c994485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125826
x-xss-protection
0
expires
Tue, 07 Feb 2023 09:22:35 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 07 Feb 2023 10:22:35 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
04a436758e8992373a49eb612d5b5f54a6fe9e6b1aedab24b510411630fa99b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
last-modified
Fri, 17 Sep 2021 18:13:12 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6144dab8-ea58"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 07 Feb 2023 10:22:35 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		87 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
76f7aab784e206ad216b632a8ac2bb36e52083e014c1c6e7f43c52912b0c6371

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
last-modified
Mon, 16 Jan 2023 15:30:20 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"63c56d8c-15d1c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 07 Feb 2023 10:22:35 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		129 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 07:44:44 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdedec-205ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 07 Feb 2023 10:22:35 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
999 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
HTTP/1.1
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Nov 2020 16:53:37 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"5fac1711-a0a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.vidverto.io/images/favicon-16px.png
Protocol
HTTP/1.1
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:35 GMT
Last-Modified
Wed, 10 Jun 2020 14:52:51 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"5ee0f3c3-384"
Content-Type
image/png
Cache-Control
max-age=604800, public, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
900
Expires
Tue, 14 Feb 2023 09:22:35 GMT
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame 10C2 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kpm7581ve6tht0mzzsjhrb8afzf2v73hrd1d26n6hr9wtf3j757brj0b6cakjf9fyjd03h058qx4khzh89921t5242xyp785vmytxyjk19gnn82v5zrprzt63n4nm7h1k3f5q5ajbkv90k1qe450eh0th8qm72r65a64vyx8zbhex0p414hfaa3k21eaxd8m6pdw50g6ddk2xtpp7j9x45e4m9zatz92mt34eadr8px19q5jnqsgqd81r9xetphmhtvq0g8k8c1bvyxmmtw00t9hrtt6rs4s4ba8mb78wpvdy1ha8y47n9j1ehej7f8mj0zqz9tqmzdcb9zpcsa988j5c2pb1g2krnxm0t0y7bxmz5ppxtd0qrfx9z7cyd11hf6693typkjf5a1ar1zsa32hgje4q061hf232xqqnmf8epgfw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kpm7581ve6tht0mzzsjhrb8afzf2v73hrd1d26n6hr9wtf3j757brj0b6cakjf9fyjd03h058qx4khzh89921t5242xyp785vmytxyjk19gnn82v5zrprzt63n4nm7h1k3f5q5ajbkv90k1qe450eh0th8qm72r65a64vyx8zbhex0p414hfaa3k21eaxd8m6pdw50g6ddk2xtpp7j9x45e4m9zatz92mt34eadr8px19q5jnqsgqd81r9xetphmhtvq0g8k8c1bvyxmmtw00t9hrtt6rs4s4ba8mb78wpvdy1ha8y47n9j1ehej7f8mj0zqz9tqmzdcb9zpcsa988j5c2pb1g2krnxm0t0y7bxmz5ppxtd0qrfx9z7cyd11hf6693typkjf5a1ar1zsa32hgje4q061hf232xqqnmf8epgfw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%26client%3Dca-pub-8745593945608202%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57627
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrdEzh6cSzFYQNqiT%2FW0cDnuPhjvQ8lKLGgyqHkxsUG9kFNsLKE1jl%2BA%2FwuahwK%2BDnEyJyCyYwiO9UWTFGB92u99Jp9p4L3pJPAC4DHq%2BfEQYV0EI8thb3kadY1B53oR%2B1pYTTaeTgg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fdd7b378fd0-FRA
expires
Tue, 07 Feb 2023 10:22:35 GMT
r62eglto.js
ad4m.at/ Frame 10C2 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kpm7581ve6tht0mzzsjhrb8afzf2v73hrd1d26n6hr9wtf3j757brj0b6cakjf9fyjd03h058qx4khzh89921t5242xyp785vmytxyjk19gnn82v5zrprzt63n4nm7h1k3f5q5ajbkv90k1qe450eh0th8qm72r65a64vyx8zbhex0p414hfaa3k21eaxd8m6pdw50g6ddk2xtpp7j9x45e4m9zatz92mt34eadr8px19q5jnqsgqd81r9xetphmhtvq0g8k8c1bvyxmmtw00t9hrtt6rs4s4ba8mb78wpvdy1ha8y47n9j1ehej7f8mj0zqz9tqmzdcb9zpcsa988j5c2pb1g2krnxm0t0y7bxmz5ppxtd0qrfx9z7cyd11hf6693typkjf5a1ar1zsa32hgje4q061hf232xqqnmf8epgfw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
471134
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWvpes4VjRCVpO9zR%2B4YIFFpAUHFYZy4qwU3o%2F45ROFdbF2bYeJLKnsQA4zSKSpn6BSuqsUnlmSmt9y3LCosqmcjUtfrYxR7IhM8TO%2BDyUpDBV7EgkMC%2Fy83DeWjgSPqcM458Qs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
795b0fdd7b3a8fd0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Jan 2023 15:04:22 GMT
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame E2A0 		94 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gqdt2050ypgad3dvs8nrrw5vfpvpbzvxzfdphv9yrttpkw3wpf67gfg0qyt5sp9v9fa968q81d0n3y47avdt1n8vrbbdxgqg5yr16gqjtrdp82fkgm990z4ny66jw25y46b9a39tjnpa05p8cm4tws03h59ts5gnrkjkbwyz0qyjsvdyx0agk7j743pw17ckfmqcaanxh81bcxctz80nbv9x70syb6rw8gcdrv842x5ww8sp7a2vf80t1ve81bmxan5j4cjf64c5g3713yfq87djkya812jeccrfwqqxbm4tsd8fw92rhjkh353c4sj3m0y6gb8rv4eyz727gecpajzcptb1qeb363w5fj6bf129hpn7jpr5cchvp6bbcpner21m5rjqhd4d8g33d4pg8qrrecrasq6zpd016fwyem9wq0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo7ZJWhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf79EiS92KMlZ7gWhZRxjPAsTgf5n8oykAU5Hnc4vRRWudzfvBqHSSN9ZY-AEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0eydoCOmNS9PMvixd6cclmJyvkNQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gqdt2050ypgad3dvs8nrrw5vfpvpbzvxzfdphv9yrttpkw3wpf67gfg0qyt5sp9v9fa968q81d0n3y47avdt1n8vrbbdxgqg5yr16gqjtrdp82fkgm990z4ny66jw25y46b9a39tjnpa05p8cm4tws03h59ts5gnrkjkbwyz0qyjsvdyx0agk7j743pw17ckfmqcaanxh81bcxctz80nbv9x70syb6rw8gcdrv842x5ww8sp7a2vf80t1ve81bmxan5j4cjf64c5g3713yfq87djkya812jeccrfwqqxbm4tsd8fw92rhjkh353c4sj3m0y6gb8rv4eyz727gecpajzcptb1qeb363w5fj6bf129hpn7jpr5cchvp6bbcpner21m5rjqhd4d8g33d4pg8qrrecrasq6zpd016fwyem9wq0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo7ZJWhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf79EiS92KMlZ7gWhZRxjPAsTgf5n8oykAU5Hnc4vRRWudzfvBqHSSN9ZY-AEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0eydoCOmNS9PMvixd6cclmJyvkNQ%26client%3Dca-pub-8745593945608202%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57627
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3P%2Fed34fxHekcF2tBoaynvPUZGzwsiUm3rBZcJJ84eB1uNCImPz3QodHZdk5U6UeEEZmFzYK%2BdGuWDcZ%2Fn2XpfU7ho%2FyJh9mNVkqJooFazBqrDgxxFShrGvHRW9V%2BIEDbMT9kAYMRs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fdd8b498fd0-FRA
expires
Tue, 07 Feb 2023 10:22:35 GMT
r62eglto.js
ad4m.at/ Frame E2A0 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gqdt2050ypgad3dvs8nrrw5vfpvpbzvxzfdphv9yrttpkw3wpf67gfg0qyt5sp9v9fa968q81d0n3y47avdt1n8vrbbdxgqg5yr16gqjtrdp82fkgm990z4ny66jw25y46b9a39tjnpa05p8cm4tws03h59ts5gnrkjkbwyz0qyjsvdyx0agk7j743pw17ckfmqcaanxh81bcxctz80nbv9x70syb6rw8gcdrv842x5ww8sp7a2vf80t1ve81bmxan5j4cjf64c5g3713yfq87djkya812jeccrfwqqxbm4tsd8fw92rhjkh353c4sj3m0y6gb8rv4eyz727gecpajzcptb1qeb363w5fj6bf129hpn7jpr5cchvp6bbcpner21m5rjqhd4d8g33d4pg8qrrecrasq6zpd016fwyem9wq0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo7ZJWhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf79EiS92KMlZ7gWhZRxjPAsTgf5n8oykAU5Hnc4vRRWudzfvBqHSSN9ZY-AEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0eydoCOmNS9PMvixd6cclmJyvkNQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
471134
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FZYKuNpiGLA8IwoNML8hnsDNs56sAARZiFS2rLF7TV9UxONiJOp6Al7AQ%2FkMiHlgvzrk9P7EgNwLibERbEWjDFCpHFjMzVZjtw9OcwWe4HEA4lKeP46gwnCnD8QbLN47%2BkUM9E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
795b0fdd8b4b8fd0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Jan 2023 15:04:22 GMT
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame 43AA 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gz1vs1272vt11sh27xv8v5zcf7jpff02a5ggqmkvt0sj2cqcqe0d9x73359txh88ygd2jgapcpwhp7nqqtcsxpew7tycar3ysd7mt5j6wxseetnv5qxcfh3wjnvasjdn0cx46kkkgk9shhy9mpdbwyjeyrmyhz2d73xr4bz62383tq5603g0dm1wg26y0v799r91r6nk483jv5eg89a3vhmcdev0423anhpznszjz0gc5v9stnca2vvrcah97ps1ak0sxtrkc8phqp7re26xjr207p7twtg9pz7jy36pf2cn8pc2qmtxe4ekj89xt884tf8zdpj4fbbgmbzy7x3n7dkb6710qkds87ytk1f23ppr3bjymx1hvmfm78aqjsqv06ks7f5c6fhav13tszwam68ctdc2t75c0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gz1vs1272vt11sh27xv8v5zcf7jpff02a5ggqmkvt0sj2cqcqe0d9x73359txh88ygd2jgapcpwhp7nqqtcsxpew7tycar3ysd7mt5j6wxseetnv5qxcfh3wjnvasjdn0cx46kkkgk9shhy9mpdbwyjeyrmyhz2d73xr4bz62383tq5603g0dm1wg26y0v799r91r6nk483jv5eg89a3vhmcdev0423anhpznszjz0gc5v9stnca2vvrcah97ps1ak0sxtrkc8phqp7re26xjr207p7twtg9pz7jy36pf2cn8pc2qmtxe4ekj89xt884tf8zdpj4fbbgmbzy7x3n7dkb6710qkds87ytk1f23ppr3bjymx1hvmfm78aqjsqv06ks7f5c6fhav13tszwam68ctdc2t75c0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%26client%3Dca-pub-8745593945608202%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57627
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3bC0KCgQT1IymWD7P7LAwumUR5G6m9Stx%2BNUAZ%2BKrt1hjwjJpEhINhy8RrSn9TfP8yr9o%2BwqAb28Z5PsvWhyhaL2JK0NLkLhVmhLpxtnFLlOfztuixHnLF2aWJ5tHMTQ4jLX4Sg%2BhM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fdd8b558fd0-FRA
expires
Tue, 07 Feb 2023 10:22:35 GMT
fxpcopuw.js
ad4m.at/ Frame 43AA 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gz1vs1272vt11sh27xv8v5zcf7jpff02a5ggqmkvt0sj2cqcqe0d9x73359txh88ygd2jgapcpwhp7nqqtcsxpew7tycar3ysd7mt5j6wxseetnv5qxcfh3wjnvasjdn0cx46kkkgk9shhy9mpdbwyjeyrmyhz2d73xr4bz62383tq5603g0dm1wg26y0v799r91r6nk483jv5eg89a3vhmcdev0423anhpznszjz0gc5v9stnca2vvrcah97ps1ak0sxtrkc8phqp7re26xjr207p7twtg9pz7jy36pf2cn8pc2qmtxe4ekj89xt884tf8zdpj4fbbgmbzy7x3n7dkb6710qkds87ytk1f23ppr3bjymx1hvmfm78aqjsqv06ks7f5c6fhav13tszwam68ctdc2t75c0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78e99d887a74e2a58d9264a0a15b2953f5ecb5b70838cbaab5a3869a76f8c706

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
584275
etag
W/"6080661f69dc3db9c889ba58b02808d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGDOYU4rNMEn2icHKsbseKrm7SekEyAiF9y0fMfXupTtt%2BMtm1Rl9tRwjCQdahhYp0t0MLlMQKrn6j89XbAc6hs70baaYBnRo8gE3zbcgZMRg3NsITgEDSSUCTkqo8SIRXaQ52c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
795b0fdd8b578fd0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Jan 2023 15:04:40 GMT
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame 13D6 		94 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gy1rp4zh5rhk2nswa66b3mgz6eg7c185gq7mn8sz2p6zgd30cnw514mw5m5erbgef8ckehv1q33btssc0x3b18kyjb8fh3a38hwd43s30sx87xzb1dg63fz8xbfq01jqk69f6rs27z0t8d1x3hd9bbjh0qan29e0zk50dn50ysw7x9pdm059t1c1phzhm1dn9z4b2ap1v5tfbe09vrh1mkyyxmkwzjeg7kggx9bfqbmsm02te8vaprhbqwsvkevmzz90xbvtyy8kct9csakvzw5g7m7amtkqwa9n7jzvf3xgg5khsdk8e2wkxkk38zmdhv0zx0jegsxv895kamsezq79bdrwhpyeggzrf7rnx8yefyca0e4vjc8am3jx1ykv03hj05hk74qdagpt25cd7anes7s5rhq614s53arbrrfjsr7yjd4y3cb1z0hvpbz8vwntbv8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gy1rp4zh5rhk2nswa66b3mgz6eg7c185gq7mn8sz2p6zgd30cnw514mw5m5erbgef8ckehv1q33btssc0x3b18kyjb8fh3a38hwd43s30sx87xzb1dg63fz8xbfq01jqk69f6rs27z0t8d1x3hd9bbjh0qan29e0zk50dn50ysw7x9pdm059t1c1phzhm1dn9z4b2ap1v5tfbe09vrh1mkyyxmkwzjeg7kggx9bfqbmsm02te8vaprhbqwsvkevmzz90xbvtyy8kct9csakvzw5g7m7amtkqwa9n7jzvf3xgg5khsdk8e2wkxkk38zmdhv0zx0jegsxv895kamsezq79bdrwhpyeggzrf7rnx8yefyca0e4vjc8am3jx1ykv03hj05hk74qdagpt25cd7anes7s5rhq614s53arbrrfjsr7yjd4y3cb1z0hvpbz8vwntbv8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%26client%3Dca-pub-8745593945608202%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57627
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqPF6ne5e5WO39plhdzOjQeKf4BIv49Z0Zv4MMFiVviXXXOycKqBh0nht3p4xpuL9m4B3XPSqpnlM%2BPCUePKahjq5afZkYB6DX5MICNzK4FzqAG%2FxJVvq%2Fy%2FWMcVTXlWX%2BQA1AHbIpw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fdd9b658fd0-FRA
expires
Tue, 07 Feb 2023 10:22:35 GMT
r62eglto.js
ad4m.at/ Frame 13D6 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gy1rp4zh5rhk2nswa66b3mgz6eg7c185gq7mn8sz2p6zgd30cnw514mw5m5erbgef8ckehv1q33btssc0x3b18kyjb8fh3a38hwd43s30sx87xzb1dg63fz8xbfq01jqk69f6rs27z0t8d1x3hd9bbjh0qan29e0zk50dn50ysw7x9pdm059t1c1phzhm1dn9z4b2ap1v5tfbe09vrh1mkyyxmkwzjeg7kggx9bfqbmsm02te8vaprhbqwsvkevmzz90xbvtyy8kct9csakvzw5g7m7amtkqwa9n7jzvf3xgg5khsdk8e2wkxkk38zmdhv0zx0jegsxv895kamsezq79bdrwhpyeggzrf7rnx8yefyca0e4vjc8am3jx1ykv03hj05hk74qdagpt25cd7anes7s5rhq614s53arbrrfjsr7yjd4y3cb1z0hvpbz8vwntbv8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
471134
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkxMjn%2BBWyXx0sSalP6Uy0YleGmb85Tooz6bTpy45OIuAnLAo3dZJSX8gG36shHzVHOpSkH6tPkzwn5XpSwH3xC5xRjFtA4iTYVwg1RYScbEUIZoehkezdXla2GL2Fqzi5KSRnQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
795b0fdd9b668fd0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Jan 2023 15:04:22 GMT
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame 5795 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g5xv36gdqay1vvr7e1gh2rsy5rk1k6ae2hgd5by8930acta9ng34v61v9ysnphch4emn00x04zdqq117qkd9eszx7208sfd1ayt81zk10xg7h251bk9abk3dh250dvgq8ws29dzzjpq9q28bcabjz2jfqz0733702hspf52kz28p25s2a9v36n4qxx1erw30n1qzvd4vdgxwpmhe729zw0bnf03gwb3tmyargetz32nhfae469rv66ydma9d9hb41gf427e60bh60qnz2f1v92ea722sqdcejj1wv80eqkzj3c9e5varm5h3g1a6vw6sbmtbfq8nrnb2r6pyszxcfpxv97czp9y4vvs050wkqng8rehpx1jxkky6wvvwhszcn5m9hrjfwx0h9v7vz23hnwbkyfzpyqatrhdqsn5frhcd7gqfv1ahwjjb5r2rbthrf1nf9jy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g5xv36gdqay1vvr7e1gh2rsy5rk1k6ae2hgd5by8930acta9ng34v61v9ysnphch4emn00x04zdqq117qkd9eszx7208sfd1ayt81zk10xg7h251bk9abk3dh250dvgq8ws29dzzjpq9q28bcabjz2jfqz0733702hspf52kz28p25s2a9v36n4qxx1erw30n1qzvd4vdgxwpmhe729zw0bnf03gwb3tmyargetz32nhfae469rv66ydma9d9hb41gf427e60bh60qnz2f1v92ea722sqdcejj1wv80eqkzj3c9e5varm5h3g1a6vw6sbmtbfq8nrnb2r6pyszxcfpxv97czp9y4vvs050wkqng8rehpx1jxkky6wvvwhszcn5m9hrjfwx0h9v7vz23hnwbkyfzpyqatrhdqsn5frhcd7gqfv1ahwjjb5r2rbthrf1nf9jy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%26client%3Dca-pub-8745593945608202%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57627
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwDeE2qmQ4JQtRXNY2zAOFMk1mRByVv9fNBMzW0Ty9ncrbDHJIu9bAU8dCEcMk4lc9H9I1eMKtHNRddKNSeDueVhNcO%2BYqlwhl%2BgXGIZA1esJduEVIYW4L%2FnR4VZ4U%2Ft75ru12k%2B0iY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fddab688fd0-FRA
expires
Tue, 07 Feb 2023 10:22:35 GMT
r62eglto.js
ad4m.at/ Frame 5795 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g5xv36gdqay1vvr7e1gh2rsy5rk1k6ae2hgd5by8930acta9ng34v61v9ysnphch4emn00x04zdqq117qkd9eszx7208sfd1ayt81zk10xg7h251bk9abk3dh250dvgq8ws29dzzjpq9q28bcabjz2jfqz0733702hspf52kz28p25s2a9v36n4qxx1erw30n1qzvd4vdgxwpmhe729zw0bnf03gwb3tmyargetz32nhfae469rv66ydma9d9hb41gf427e60bh60qnz2f1v92ea722sqdcejj1wv80eqkzj3c9e5varm5h3g1a6vw6sbmtbfq8nrnb2r6pyszxcfpxv97czp9y4vvs050wkqng8rehpx1jxkky6wvvwhszcn5m9hrjfwx0h9v7vz23hnwbkyfzpyqatrhdqsn5frhcd7gqfv1ahwjjb5r2rbthrf1nf9jy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
471134
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HApts3wvATbJqymqI03Bqahe8hcjadG%2BkwkXHz7oVIV99eZ%2BkHXf102vzS4yjno7iIdrjZaruNY29sZ5QAHULiehgZgzztdkXG3LD3PHFTtwJyRgegmQU%2B93Oi%2BocXK7Qs08GS8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
795b0fddab6a8fd0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Jan 2023 15:04:22 GMT
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame 46C3 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g5x3trv83pwpjafcy4e9nx9f55cj2byagvcb3ekh9j1fqgj2208qw2br42r275wpy0gr3hzw44czzd4kjp0d4eqqjyqbx3vrefzc1pw3pek6zdwfc8a8szk63873vmcygmfbg2rcxcp7ww7yeyzc6p3q77t83m138atd437d83wergr0gp7kg72th1jz5k5hd2dbgbf3g1vjh69bze27nzsaqnhdgbtt7e2p7qx4g10a6ns4hnxnkkwq5dq29rwkz30tnwxvj72bah9q3p6qn4dvham6bya3xp8nyxjy7pbpt1fdm92bzvtng8ncaf5tazxspr9p92vtwvfx43d4zeynn1b9r3w5g1mk60tbwtt5sbh49fv310pw36ww6q86wnqyrf5s0b0e794bngzw22v37yy9m4txxzgnxv2sffm2xtja18t609n9ky4me9bybg4cyk7ew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1g5x3trv83pwpjafcy4e9nx9f55cj2byagvcb3ekh9j1fqgj2208qw2br42r275wpy0gr3hzw44czzd4kjp0d4eqqjyqbx3vrefzc1pw3pek6zdwfc8a8szk63873vmcygmfbg2rcxcp7ww7yeyzc6p3q77t83m138atd437d83wergr0gp7kg72th1jz5k5hd2dbgbf3g1vjh69bze27nzsaqnhdgbtt7e2p7qx4g10a6ns4hnxnkkwq5dq29rwkz30tnwxvj72bah9q3p6qn4dvham6bya3xp8nyxjy7pbpt1fdm92bzvtng8ncaf5tazxspr9p92vtwvfx43d4zeynn1b9r3w5g1mk60tbwtt5sbh49fv310pw36ww6q86wnqyrf5s0b0e794bngzw22v37yy9m4txxzgnxv2sffm2xtja18t609n9ky4me9bybg4cyk7ew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%26client%3Dca-pub-8745593945608202%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57628
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2xH19Jxm1h7bxFenRmzE%2F0iZ%2BspGZ%2FaV0t0fUfzCFhtpEGfMalKMZ7N0FT8dAHDNjfYH3yF3CPoJ6brlslNhI2hBDPz2TBo7%2BKL39jvnaTznRVP3hmkBQ98%2FE7yF%2FjdbATVL0kLpXw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fddbd9891d2-FRA
expires
Tue, 07 Feb 2023 10:22:35 GMT
r62eglto.js
ad4m.at/ Frame 46C3 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g5x3trv83pwpjafcy4e9nx9f55cj2byagvcb3ekh9j1fqgj2208qw2br42r275wpy0gr3hzw44czzd4kjp0d4eqqjyqbx3vrefzc1pw3pek6zdwfc8a8szk63873vmcygmfbg2rcxcp7ww7yeyzc6p3q77t83m138atd437d83wergr0gp7kg72th1jz5k5hd2dbgbf3g1vjh69bze27nzsaqnhdgbtt7e2p7qx4g10a6ns4hnxnkkwq5dq29rwkz30tnwxvj72bah9q3p6qn4dvham6bya3xp8nyxjy7pbpt1fdm92bzvtng8ncaf5tazxspr9p92vtwvfx43d4zeynn1b9r3w5g1mk60tbwtt5sbh49fv310pw36ww6q86wnqyrf5s0b0e794bngzw22v37yy9m4txxzgnxv2sffm2xtja18t609n9ky4me9bybg4cyk7ew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
471134
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vC3Rjuc7PCjYb9%2FgMOcbJlQqYQo%2Bd7hLWyMkoXf3RRrNW5c8uM1MI7%2FE9ah0zd3dVC9%2BRNu322HlQvEeurEmZPGh8ERhVK6GWxXkZccwGa%2Bx4qHoktQHaJ99iwtGwfIh8wSQfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
795b0fddbb768fd0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Jan 2023 15:04:22 GMT
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame 8A0E 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gtqdn7wfn7a1qfhh69zgkn0rr8jjfz7s22ee4tetznm5y7pnwqydg1c93g9d37z0n2vw3tjwg94m254178bpxrkfefjw1jhbb461v3nwp81gw5bhbeqc0n1acy4pt3byqpx4mxxmamb5sww7e2vk8k30ak9zr701tst8hw650wy54hr1whengn846mqrhcjsrjbk397q080pq6hepypdb51p5e3ezgts0364krmjgn8xqqa0t570mh05m3eddastapmf2x6kjevtwyvtp9jxjc623n5cc3n7mme9w9z92696hnfxqj170edjgmj1znk1bbfb10eanrnn7ae3v41jg4kjavwy7h6za8s51cjdt6psykje9nnsnah6eey32s5jfb6r0bccjxe4cmzqxjr0rmycsdsmy6h9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gtqdn7wfn7a1qfhh69zgkn0rr8jjfz7s22ee4tetznm5y7pnwqydg1c93g9d37z0n2vw3tjwg94m254178bpxrkfefjw1jhbb461v3nwp81gw5bhbeqc0n1acy4pt3byqpx4mxxmamb5sww7e2vk8k30ak9zr701tst8hw650wy54hr1whengn846mqrhcjsrjbk397q080pq6hepypdb51p5e3ezgts0364krmjgn8xqqa0t570mh05m3eddastapmf2x6kjevtwyvtp9jxjc623n5cc3n7mme9w9z92696hnfxqj170edjgmj1znk1bbfb10eanrnn7ae3v41jg4kjavwy7h6za8s51cjdt6psykje9nnsnah6eey32s5jfb6r0bccjxe4cmzqxjr0rmycsdsmy6h9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%26client%3Dca-pub-8745593945608202%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57628
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fosdsg8e0tDFT%2BY6Ek7IBAyGccZmUWHSe9J0bD9fuGNZoCLnaS8%2BWfFIkuY6JL8B7kMI5K2oTxYDD4Lu60rwbmbSnBgBRlDd00edrO8DJO4rPytDYJM%2Bqi0QHZdfOooNR8wsR%2BSGF64%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fddcda491d2-FRA
expires
Tue, 07 Feb 2023 10:22:35 GMT
fxpcopuw.js
ad4m.at/ Frame 8A0E 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gtqdn7wfn7a1qfhh69zgkn0rr8jjfz7s22ee4tetznm5y7pnwqydg1c93g9d37z0n2vw3tjwg94m254178bpxrkfefjw1jhbb461v3nwp81gw5bhbeqc0n1acy4pt3byqpx4mxxmamb5sww7e2vk8k30ak9zr701tst8hw650wy54hr1whengn846mqrhcjsrjbk397q080pq6hepypdb51p5e3ezgts0364krmjgn8xqqa0t570mh05m3eddastapmf2x6kjevtwyvtp9jxjc623n5cc3n7mme9w9z92696hnfxqj170edjgmj1znk1bbfb10eanrnn7ae3v41jg4kjavwy7h6za8s51cjdt6psykje9nnsnah6eey32s5jfb6r0bccjxe4cmzqxjr0rmycsdsmy6h9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78e99d887a74e2a58d9264a0a15b2953f5ecb5b70838cbaab5a3869a76f8c706

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
584275
etag
W/"6080661f69dc3db9c889ba58b02808d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFpOi3eCRgN20Vs6K%2BNg3nvzd7JoaQORggjQWlyqm5eT2T4qG3QWpFLlRgwR8DAgw0zrA5s2L%2FgU6Ask40ZTwmZ4zCBOFxvsZWtnlDRnyl%2FqYT36r%2F4KaYnWstGGyxLfoWk7OWI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
795b0fddcb868fd0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Jan 2023 15:04:40 GMT
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame E20B 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kmz842rnxwkjqpas3dm8t1s7f874z3b7mahw3mf63ba679w0edcwp036605hn3bh8j6k11zjkggv6787scp460t3wd57vsmrfdrc97a08ccjkd3mb3mw8bx51pcna2kb7np68qmzt22mzvbrxhgpjkfw0tpjbvn07wmawvtdhpxaxknep1jhwnpc8yt8t9qahbyk2q2z2ygcjvx3k3f9z42ey9jwzd9kkmd3c2bn9xvfc5jvv8kj44m46h8d0fw9n3qtsnv8gg86cq7jy822851hg6q8gt9s13hs27yhttp0pbv261z3ecpb1y297fc72xf35xpdercvd7hvbp93tt2wgw9n00mpb4vbv67bwta5hjdjbmgqpmb3wb0j3wt5469tfrmwsdnxg4fjxqv9fcq0h6acdeggjnet31jx1zq43ea3q6zhczz0dvxkj08479653n7s8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kmz842rnxwkjqpas3dm8t1s7f874z3b7mahw3mf63ba679w0edcwp036605hn3bh8j6k11zjkggv6787scp460t3wd57vsmrfdrc97a08ccjkd3mb3mw8bx51pcna2kb7np68qmzt22mzvbrxhgpjkfw0tpjbvn07wmawvtdhpxaxknep1jhwnpc8yt8t9qahbyk2q2z2ygcjvx3k3f9z42ey9jwzd9kkmd3c2bn9xvfc5jvv8kj44m46h8d0fw9n3qtsnv8gg86cq7jy822851hg6q8gt9s13hs27yhttp0pbv261z3ecpb1y297fc72xf35xpdercvd7hvbp93tt2wgw9n00mpb4vbv67bwta5hjdjbmgqpmb3wb0j3wt5469tfrmwsdnxg4fjxqv9fcq0h6acdeggjnet31jx1zq43ea3q6zhczz0dvxkj08479653n7s8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%26client%3Dca-pub-8745593945608202%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57628
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AK%2BkIW1JKjb1%2BYSfR4wOzpvQanV%2FEQgSGCAGbOU%2FB4Ylez6C2DgrZMLkaQuDRh5dT4d1SQelsU7qqnBFse%2FECGIqpT4G8pUFoYPQv7RKR4GP71v%2BeTKZqJJr2bKHWD2Pj%2FjpJ8FbVTc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fddedba91d2-FRA
expires
Tue, 07 Feb 2023 10:22:35 GMT
r62eglto.js
ad4m.at/ Frame E20B 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kmz842rnxwkjqpas3dm8t1s7f874z3b7mahw3mf63ba679w0edcwp036605hn3bh8j6k11zjkggv6787scp460t3wd57vsmrfdrc97a08ccjkd3mb3mw8bx51pcna2kb7np68qmzt22mzvbrxhgpjkfw0tpjbvn07wmawvtdhpxaxknep1jhwnpc8yt8t9qahbyk2q2z2ygcjvx3k3f9z42ey9jwzd9kkmd3c2bn9xvfc5jvv8kj44m46h8d0fw9n3qtsnv8gg86cq7jy822851hg6q8gt9s13hs27yhttp0pbv261z3ecpb1y297fc72xf35xpdercvd7hvbp93tt2wgw9n00mpb4vbv67bwta5hjdjbmgqpmb3wb0j3wt5469tfrmwsdnxg4fjxqv9fcq0h6acdeggjnet31jx1zq43ea3q6zhczz0dvxkj08479653n7s8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
584293
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhmflH4djbCXHr8ldIthBQY%2BmJvIeNIahjGLanSltp6LOiD6JFuwwPZpGaxXKCNtCZsoh0jg3oTiaOGfwnbYy9fevLFaRrhOaW2H63QLaflupnHqpawtnyt1JywMIPhzOPTp5E4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
795b0fddedbb91d2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Jan 2023 15:04:22 GMT
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame 5989 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gmmahp0aen8stdzahve9jmdkmqaj98ks1f8p5hxjefnty55mdfgm9jsmmymhr307qkvwkd9zwr5g10awr9frgv7c8akptfj4acxd39pjs843yfndqz9s4gv097ahqnj3x7gws0m2s4f4czkpskrg1fgyr6f7pjsjre72zxze4rsgkcqescb8dnzxbsf44bw9efk2gv7pyj5419qx4e325nrx715pwqwb2gbh74tdtc85hs0bff3m0jd58j15vt4mf2p5rdd3agh2zpqwhtxxmetzx8zn9mdbktvkva3vzhngpd4pp8ecwpdj7yawy859z94wytamhn3t39xc5nafgvas1v4148nbsses5ggaxdwdk2yybemc74ajbmefwyktyx0jbd14rvyh6ak4bkxk8ty98jh5j1b7h6cpv10p189qsr6y88szehfsamwkz9xgk9t6expjr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gmmahp0aen8stdzahve9jmdkmqaj98ks1f8p5hxjefnty55mdfgm9jsmmymhr307qkvwkd9zwr5g10awr9frgv7c8akptfj4acxd39pjs843yfndqz9s4gv097ahqnj3x7gws0m2s4f4czkpskrg1fgyr6f7pjsjre72zxze4rsgkcqescb8dnzxbsf44bw9efk2gv7pyj5419qx4e325nrx715pwqwb2gbh74tdtc85hs0bff3m0jd58j15vt4mf2p5rdd3agh2zpqwhtxxmetzx8zn9mdbktvkva3vzhngpd4pp8ecwpdj7yawy859z94wytamhn3t39xc5nafgvas1v4148nbsses5ggaxdwdk2yybemc74ajbmefwyktyx0jbd14rvyh6ak4bkxk8ty98jh5j1b7h6cpv10p189qsr6y88szehfsamwkz9xgk9t6expjr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%26client%3Dca-pub-8745593945608202%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57628
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfH4HgHCfjkb9ojyFzRnwUyI61ZDgendc%2FXw%2F5lumuU%2FBCbXyzAvKGo2Ul6jVgk5qN6GTr20RmJ6W6ktOzmUFnBlYoncFy%2FMj5A7JS2H%2Fe639EPpidm9vqeqXZ2gWuk6n%2F19PKj%2BNOM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fddfdc691d2-FRA
expires
Tue, 07 Feb 2023 10:22:35 GMT
r62eglto.js
ad4m.at/ Frame 5989 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gmmahp0aen8stdzahve9jmdkmqaj98ks1f8p5hxjefnty55mdfgm9jsmmymhr307qkvwkd9zwr5g10awr9frgv7c8akptfj4acxd39pjs843yfndqz9s4gv097ahqnj3x7gws0m2s4f4czkpskrg1fgyr6f7pjsjre72zxze4rsgkcqescb8dnzxbsf44bw9efk2gv7pyj5419qx4e325nrx715pwqwb2gbh74tdtc85hs0bff3m0jd58j15vt4mf2p5rdd3agh2zpqwhtxxmetzx8zn9mdbktvkva3vzhngpd4pp8ecwpdj7yawy859z94wytamhn3t39xc5nafgvas1v4148nbsses5ggaxdwdk2yybemc74ajbmefwyktyx0jbd14rvyh6ak4bkxk8ty98jh5j1b7h6cpv10p189qsr6y88szehfsamwkz9xgk9t6expjr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
584293
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UswXmYgR7P%2BNwkpUq7pEX70HedwADtsWPX9WKk6gBKHayJmpGibZflsYPFUbttSpaFWy3uVyyfQZDFLZC6T6iQVYjqHa5LMNwjracYKHqM0LypZHp0B%2FKmpK%2BI%2BpFzMx45tvzuU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
795b0fddfdc791d2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Jan 2023 15:04:22 GMT
dpixel
cms.quantserve.com/ Frame 746A 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI99FzmcRpC7XE05ccINjxM&google_cver=1&google_push=Aa02lx_AWJiIu9xhIKGqkqRWAn8r859u8YADLk15T3lIPDNgL0Pjb16eLteS56hetmDdofQms_s36BDh7fYbq9HwZlVYx01K09KthcM
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 746A 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIQZoEDj5jTF5O6MGGUPfTU&google_cver=1&google_push=Aa02lx_Dm1xauUcn3VwkhEkvEru0oVxw42BghXn9wbJa5rSPNOccYK6Hq7stCBtBDpdN19XkUoDJeZSTFqmXlczB5DYn1mp49Ic9lWk
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 746A
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDsRFYrIb8yQKwDlmwgExCo&google_cver=1&google_push=Aa02lx9xjlfJq3zYGsdWK7HZLriMrmK4BlywyjVTqNErga6-HdPx4aCxhL5-pOEg8tAtDUb788uVY42tkwyvOF...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NzM0MTkzNzkwOTQzMDQyMQ%3D%3D&google_push=Aa02lx9xjlfJq3zYGsdWK7HZLriMrmK4BlywyjVTqNErga6-HdPx4aCxhL5-pOEg8tAtDUb788uVY42tkwyvOF8MmY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NzM0MTkzNzkwOTQzMDQyMQ%3D%3D&google_push=Aa02lx9xjlfJq3zYGsdWK7HZLriMrmK4BlywyjVTqNErga6-HdPx4aCxhL5-pOEg8tAtDUb788uVY42tkwyvOF8MmYF6acWEvcImgIs
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NzM0MTkzNzkwOTQzMDQyMQ%3D%3D&google_push=Aa02lx9xjlfJq3zYGsdWK7HZLriMrmK4BlywyjVTqNErga6-HdPx4aCxhL5-pOEg8tAtDUb788uVY42tkwyvOF8MmYF6acWEvcImgIs
Date
Tue, 07 Feb 2023 09:22:36 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 746A
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBqOPjFxzUQfBeE6b7RRfzc&google_cver=1&google_push=Aa02lx9PkedvuSt77g6AOwGbmFSajHQEz0_KlYWwF4GnQY6uo9BcDGgr8m6_dIQOLbOKMJ4q1x01_ZiN8o5bGZI9...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JfBmhATMQC-xFwEeTy8WsA2&google_push=Aa02lx9PkedvuSt77g6AOwGbmFSajHQEz0_KlYWwF4GnQY6uo9BcDGgr8m6_dIQOLbOKMJ4q1x01_ZiN8o5bGZI9lU-Tr1lCeD4ZHDU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JfBmhATMQC-xFwEeTy8WsA2&google_push=Aa02lx9PkedvuSt77g6AOwGbmFSajHQEz0_KlYWwF4GnQY6uo9BcDGgr8m6_dIQOLbOKMJ4q1x01_ZiN8o5bGZI9lU-Tr1lCeD4ZHDU
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 09:22:36 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=JfBmhATMQC-xFwEeTy8WsA2&google_push=Aa02lx9PkedvuSt77g6AOwGbmFSajHQEz0_KlYWwF4GnQY6uo9BcDGgr8m6_dIQOLbOKMJ4q1x01_ZiN8o5bGZI9lU-Tr1lCeD4ZHDU
x-host
tde-deliveryengine-production-fb497649f-nvcbh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 746A
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOkRf6h2zR1xi4jWJMaEh4E&google_cver=1&google_push=Aa02lx9ZiWixg5ZlPWcMWq-BpTbL2i2EQjhHHIHcdCb92RNavASv8im-8MZU8s3i2p90GcL2u_0XS1BgH6eEI1cq3...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOkRf6h2zR1xi4jWJMaEh4E&google_cver=1&google_push=Aa02lx9ZiWixg5ZlPWcMWq-BpTbL2i2EQjhHHIHcdCb92RNavASv8im-8MZU8s3i2p90GcL2u_0XS1BgH6eEI1cq3...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9ZiWixg5ZlPWcMWq-BpTbL2i2EQjhHHIHcdCb92RNavASv8im-8MZU8s3i2p90GcL2u_0XS1BgH6eEI1cq3y7pogGNYSCTyQ&google_hm=GHbSDGZHTiizMHpOREet...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9ZiWixg5ZlPWcMWq-BpTbL2i2EQjhHHIHcdCb92RNavASv8im-8MZU8s3i2p90GcL2u_0XS1BgH6eEI1cq3y7pogGNYSCTyQ&google_hm=GHbSDGZHTiizMHpOREetfWxO
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 09:22:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9ZiWixg5ZlPWcMWq-BpTbL2i2EQjhHHIHcdCb92RNavASv8im-8MZU8s3i2p90GcL2u_0XS1BgH6eEI1cq3y7pogGNYSCTyQ&google_hm=GHbSDGZHTiizMHpOREetfWxO
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 746A
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDYsVKRSeMQI0xjGUNxVmyE&google_cver=1&google_push=Aa02lx9SpJI9C8xu7eCxHbCSFB8mSmrnKom0KraBBrKMIGUsVDW816vIARi0RpRNYJsFdpS-pmUrS0FPyEJlK0a9jOkJTR2Hnj...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9SpJI9C8xu7eCxHbCSFB8mSmrnKom0KraBBrKMIGUsVDW816vIARi0RpRNYJsFdpS-pmUrS0FPyEJlK0a9jOkJTR2Hnjc...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx9SpJI9C8xu7eCxHbCSFB8mSmrnKom0KraBBrKMIGUsVDW816vIARi0RpRN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx9SpJI9C8xu7eCxHbCSFB8mSmrnKom0KraBBrKMIGUsVDW816vIARi0RpRNYJsFdpS-pmUrS0FPyEJlK0a9jOkJTR2HnjcXlJ8
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx9SpJI9C8xu7eCxHbCSFB8mSmrnKom0KraBBrKMIGUsVDW816vIARi0RpRNYJsFdpS-pmUrS0FPyEJlK0a9jOkJTR2HnjcXlJ8
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 746A
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELUSMkC3d...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=7b98b217-8a90-4507-852e-bd18524b0892&%%GOOGLE_PUSH_PAIR%%
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=7b98b217-8a90-4507-852e-bd18524b0892&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=7b98b217-8a90-4507-852e-bd18524b0892&%%GOOGLE_PUSH_PAIR%%
date
Tue, 07 Feb 2023 09:22:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 746A 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JpNS2TkeBpFXYaaJ4D53V7tB2knVLJQBNLGsF54I13vlUsAXL1gg8_GSj2k6n2iMVzLoS5xw
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame FB53
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHNhUSdgLsGI8yLs0V-GjWQ&google_cver=1&google_push=Aa02lx-kzwG8VZYNC9LEvY7wbCYBtjBRtXI-yrHu_w0zeU70TLXZczT-O2cr1t2bE8czI9pqj5s9RL17S_Kc7vPmpACTwOZ_71jpIFl_
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=61BDF0114B9E460585098B08786C2192&google_push=Aa02lx-kzwG8VZYNC9LEvY7wbCYBtjBRtXI-yrHu_w0zeU70TLXZczT-O2cr1t2bE8czI9pqj5s9RL17S_Kc7vP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=61BDF0114B9E460585098B08786C2192&google_push=Aa02lx-kzwG8VZYNC9LEvY7wbCYBtjBRtXI-yrHu_w0zeU70TLXZczT-O2cr1t2bE8czI9pqj5s9RL17S_Kc7vPmpACTwOZ_71jpIFl_
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 09:22:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=61BDF0114B9E460585098B08786C2192&google_push=Aa02lx-kzwG8VZYNC9LEvY7wbCYBtjBRtXI-yrHu_w0zeU70TLXZczT-O2cr1t2bE8czI9pqj5s9RL17S_Kc7vPmpACTwOZ_71jpIFl_
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 06 Feb 2023 09:22:36 GMT
pixel
cm.g.doubleclick.net/ Frame FB53
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBqOPjFxzUQfBeE6b7RRfzc&google_cver=1&google_push=Aa02lx8L8S84yCI3F7h5VpQ9Vb7VYZLQ9bk56og7UyZlmZe36TQ7jqXEgkdU4NJfwdbUl8qclijUa2vYC0p_5EoX...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dc4QFE7BRe6W0Kf6v3URVQ2&google_push=Aa02lx8L8S84yCI3F7h5VpQ9Vb7VYZLQ9bk56og7UyZlmZe36TQ7jqXEgkdU4NJfwdbUl8qclijUa2vYC0p_5EoXnwdI483WKfgPIXk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dc4QFE7BRe6W0Kf6v3URVQ2&google_push=Aa02lx8L8S84yCI3F7h5VpQ9Vb7VYZLQ9bk56og7UyZlmZe36TQ7jqXEgkdU4NJfwdbUl8qclijUa2vYC0p_5EoXnwdI483WKfgPIXk
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 09:22:36 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=dc4QFE7BRe6W0Kf6v3URVQ2&google_push=Aa02lx8L8S84yCI3F7h5VpQ9Vb7VYZLQ9bk56og7UyZlmZe36TQ7jqXEgkdU4NJfwdbUl8qclijUa2vYC0p_5EoXnwdI483WKfgPIXk
x-host
tde-deliveryengine-production-fb497649f-nvcbh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame FB53 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEFuhfRaFazT36jdHA-1iZJQ&google_cver=1&google_push=Aa02lx8sN45GFNW-qlbgpxteMmbZqK9DfgcomRe8dSORIPXyaMlva-lRwXdUyS_cl8wehC4R2KLcUq0WNe8_8AOWEb-vwqtZ9bboWzCT
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:35 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
mtk1399v2nfe8dvrgfsk1311s8un6so9
pixel
cm.g.doubleclick.net/ Frame FB53
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDYsVKRSeMQI0xjGUNxVmyE&google_cver=1&google_push=Aa02lx9WCf9GbtucvSPsT7yWbOln21aoZYMaUvJNCxuBO4aznTOHe3enPw3ROLAzmYVonUSqYR0nAYMS4gBRsEG7DPLULvNhV5...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9WCf9GbtucvSPsT7yWbOln21aoZYMaUvJNCxuBO4aznTOHe3enPw3ROLAzmYVonUSqYR0nAYMS4gBRsEG7DPLULvNhV59...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx9WCf9GbtucvSPsT7yWbOln21aoZYMaUvJNCxuBO4aznTOHe3enPw3ROLAz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx9WCf9GbtucvSPsT7yWbOln21aoZYMaUvJNCxuBO4aznTOHe3enPw3ROLAzmYVonUSqYR0nAYMS4gBRsEG7DPLULvNhV59hKsac
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx9WCf9GbtucvSPsT7yWbOln21aoZYMaUvJNCxuBO4aznTOHe3enPw3ROLAzmYVonUSqYR0nAYMS4gBRsEG7DPLULvNhV59hKsac
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame FB53 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEFjBK3ak1_RDh2gTiHSEhvA&google_cver=1&google_push=Aa02lx9QK6haz4qx2VYCs35TxdjveLJMo3o9B4tCsIzkQOqTBxkNVv0S3Igv26s4A5TsBR0ZKMzKJTcZpSGPvyZRxO_zhwihOGCOFk1m
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:35 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame FB53
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGGPxI78yD7B74KQuil_ocw&google_cver=1&google_push=Aa02lx9D3HA-KL8d-CX8UEoSoqNGJknzuiSFiT-otJ6eDq0kACuogyIrwdhgRk0yFIjHiAGpbK...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SbGpaWWx4RTJ1RU5CbkZhUTMwT21iY2h4b2lnNDJjMX5B&google_push=Aa02lx9D3HA-KL8d-CX8UEoSoqNGJknzuiSFiT-otJ6eDq0kACuogyIrw...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SbGpaWWx4RTJ1RU5CbkZhUTMwT21iY2h4b2lnNDJjMX5B&google_push=Aa02lx9D3HA-KL8d-CX8UEoSoqNGJknzuiSFiT-otJ6eDq0kACuogyIrwdhgRk0yFIjHiAGpbK7HZvpjHMlZektd1WUrOiGj2ziHU3Aa6g
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SbGpaWWx4RTJ1RU5CbkZhUTMwT21iY2h4b2lnNDJjMX5B&google_push=Aa02lx9D3HA-KL8d-CX8UEoSoqNGJknzuiSFiT-otJ6eDq0kACuogyIrwdhgRk0yFIjHiAGpbK7HZvpjHMlZektd1WUrOiGj2ziHU3Aa6g
date
Tue, 07 Feb 2023 09:22:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame FB53
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEI4lq3pKnVnKHVbT5x3ZGSI&google_cver=1&google_push=Aa02lx9C--o6U8e4i...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEI4lq3pKnVnKHVbT5x3ZGSI%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjczMjEyMTI1NDc4NjAzODE3Mw%3D%3D&google_gid=CAESEI4lq3pKnVnKHVbT5x3ZGSI&google_cver=1&google_push=Aa02lx9C--o6U8e4i-3lY0nvrExbtpIxsx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjczMjEyMTI1NDc4NjAzODE3Mw%3D%3D&google_gid=CAESEI4lq3pKnVnKHVbT5x3ZGSI&google_cver=1&google_push=Aa02lx9C--o6U8e4i-3lY0nvrExbtpIxsxbZstAUqcFT1EREOD3Kiar9ZXopVMwUu3K3UTZepyykqZPy9R1hd2QuddBO8eD0scDkrTOYaw
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 09:22:36 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a79118fb-e0bc-46a8-9a46-d0f98fb60b2e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjczMjEyMTI1NDc4NjAzODE3Mw%3D%3D&google_gid=CAESEI4lq3pKnVnKHVbT5x3ZGSI&google_cver=1&google_push=Aa02lx9C--o6U8e4i-3lY0nvrExbtpIxsxbZstAUqcFT1EREOD3Kiar9ZXopVMwUu3K3UTZepyykqZPy9R1hd2QuddBO8eD0scDkrTOYaw
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame FB53 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ihvev2cYjQGVeiOL2hCnkFl9mJ3iwEdAboiZMY1UizwM5uFvZwcViRCMMd9DrtEKTUTyH6qCU
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
current
dclk-match.dotomi.com/match/bounce/ Frame E520 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDe5qsInFWvnRx1H12Uwh3k&google_cver=1&google_push=Aa02lx_jlj9A7smmbb-CgyNGN25PIgPEdnGMI0B2dPYSdVLm7EOV7-i0cJSXtWnNRUkNEmLS1ARjuZrFoaG_9QDB2WO0VQndZQ1rWQ
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame E520
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBqOPjFxzUQfBeE6b7RRfzc&google_cver=1&google_push=Aa02lx9TccmsnSvAn1E8jG4yf0WiOns3lAws6SbOPhD3RDIYtryEM0dIwn9UKbbLqzM0adXC0hwoALy-HCNLnd33...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=RBaUJj_WQT-zxgCqHzx7Qg2&google_push=Aa02lx9TccmsnSvAn1E8jG4yf0WiOns3lAws6SbOPhD3RDIYtryEM0dIwn9UKbbLqzM0adXC0hwoALy-HCNLnd33uHAptQvhJqt-
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=RBaUJj_WQT-zxgCqHzx7Qg2&google_push=Aa02lx9TccmsnSvAn1E8jG4yf0WiOns3lAws6SbOPhD3RDIYtryEM0dIwn9UKbbLqzM0adXC0hwoALy-HCNLnd33uHAptQvhJqt-
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 09:22:36 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=RBaUJj_WQT-zxgCqHzx7Qg2&google_push=Aa02lx9TccmsnSvAn1E8jG4yf0WiOns3lAws6SbOPhD3RDIYtryEM0dIwn9UKbbLqzM0adXC0hwoALy-HCNLnd33uHAptQvhJqt-
x-host
tde-deliveryengine-production-fb497649f-w4d4z
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame E520
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGFa0amh1FfRqxhaLKJw5ro&google_cver=1&google_push=Aa02lx9bS-KswDiS_rLtzZwq1H03Jz7V4e38u1T4h_oD_DdBqeZTQq8AmoNxY-l81z8ELfCgv0bf0IS0...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGFa0amh1FfRqxhaLKJw5ro&google_cver=1&google_push=Aa02lx9bS-KswDiS_rLtzZwq1H03Jz7V4e38u1T4h_oD_DdBqeZTQq8AmoNxY-l81z8ELfCgv0b...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU4MTcwNjk5MDUzMjA0NzM2MA&google_push=Aa02lx9bS-KswDiS_rLtzZwq1H03Jz7V4e38u1T4h_oD_DdBqeZTQq8AmoNxY-l81z8ELfCgv0bf0I...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU4MTcwNjk5MDUzMjA0NzM2MA&google_push=Aa02lx9bS-KswDiS_rLtzZwq1H03Jz7V4e38u1T4h_oD_DdBqeZTQq8AmoNxY-l81z8ELfCgv0bf0IS0966y9UiUAEUcX-EOv_moqw
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU4MTcwNjk5MDUzMjA0NzM2MA&google_push=Aa02lx9bS-KswDiS_rLtzZwq1H03Jz7V4e38u1T4h_oD_DdBqeZTQq8AmoNxY-l81z8ELfCgv0bf0IS0966y9UiUAEUcX-EOv_moqw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame E520
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELMHu4Y62DPuhPVPGvzJrYU&google_cver=1&google_push=Aa02lx-XNrbLK5tw2EJNHhD95aZ3KejUmn2GH2pCAkTKIjgcUMxlUETQWisK0mMpCsSqK34BBOa...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx-XNrbLK5tw2EJNHhD95aZ3KejUmn2GH2pCAkTKIjgcUMxlUETQWisK0mMpCsSqK34BBOab4nRan_DAFLAwlgL-IKCle-ZJkA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx-XNrbLK5tw2EJNHhD95aZ3KejUmn2GH2pCAkTKIjgcUMxlUETQWisK0mMpCsSqK34BBOab4nRan_DAFLAwlgL-IKCle-ZJkA
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx-XNrbLK5tw2EJNHhD95aZ3KejUmn2GH2pCAkTKIjgcUMxlUETQWisK0mMpCsSqK34BBOab4nRan_DAFLAwlgL-IKCle-ZJkA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame E520
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEM6J9xn0N-a9qOKiMrInlVc&google_cver=1&google_push=Aa02lx8Md1RcLJ4EnnNT7MRvU3OtNnKdl7MKCar7AEnc6jNbKHhkDkb0Ca0LvC-Gv-navYPsdI6M9uH038gJNZPV...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8Md1RcLJ4EnnNT7MRvU3OtNnKdl7MKCar7AEnc6jNbKHhkDkb0Ca0LvC-Gv-navYPsdI6M9uH038gJNZPVhWQRKDG74gJQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8Md1RcLJ4EnnNT7MRvU3OtNnKdl7MKCar7AEnc6jNbKHhkDkb0Ca0LvC-Gv-navYPsdI6M9uH038gJNZPVhWQRKDG74gJQ
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 09:22:36 GMT
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
GeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx8Md1RcLJ4EnnNT7MRvU3OtNnKdl7MKCar7AEnc6jNbKHhkDkb0Ca0LvC-Gv-navYPsdI6M9uH038gJNZPVhWQRKDG74gJQ
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
Iqohpc4X4l6NO89SqdYFIpA8SBnZ9ExhdLlJ-ggCsbIf_sED3pmKFA==
pixel
cm.g.doubleclick.net/ Frame E520
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx92NhbIsFdkIZQ-n-XY7-eqe9iFOnFuD2aSaZ6GRxNj5GOoaJe2DBEfbHyOZxgnHFVzNAAz4td8aTY0rHC5_OFwWuGe2Yrh2w&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-3593d9ee-e5b1-44a7-8e7e-e9a804fe6201-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx92NhbIsFdkIZQ-n-XY7...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx92NhbIsFdkIZQ-n-XY7-eqe9iFOnFuD2aSaZ6GRxNj5GOoaJe2DBEfbHyOZxgnHFVzNAAz4td8aTY0rHC5_OFwWuGe2Yrh2w&google_hm=AzWT2e7lsUSnjn7pqAT-YgE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx92NhbIsFdkIZQ-n-XY7-eqe9iFOnFuD2aSaZ6GRxNj5GOoaJe2DBEfbHyOZxgnHFVzNAAz4td8aTY0rHC5_OFwWuGe2Yrh2w&google_hm=AzWT2e7lsUSnjn7pqAT-YgE
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx92NhbIsFdkIZQ-n-XY7-eqe9iFOnFuD2aSaZ6GRxNj5GOoaJe2DBEfbHyOZxgnHFVzNAAz4td8aTY0rHC5_OFwWuGe2Yrh2w&google_hm=AzWT2e7lsUSnjn7pqAT-YgE
date
Tue, 07 Feb 2023 09:22:36 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3593d9eee5b144a78e7ee9a804fe6201003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame E520
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELUSMkC3d...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=7b98b217-8a90-4507-852e-bd18524b0892&%%GOOGLE_PUSH_PAIR%%
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=7b98b217-8a90-4507-852e-bd18524b0892&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=7b98b217-8a90-4507-852e-bd18524b0892&%%GOOGLE_PUSH_PAIR%%
date
Tue, 07 Feb 2023 09:22:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame E520 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kr1uSPVTAiwqmbBfOkDpqHUDyvQ0g3D7ZgeC91-5lqA4I74wERQYyAti76v5RsCpx6ZWVw-w
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
i.match
s.tribalfusion.com/z/ Frame BFB2
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx9ms6fnJgIHawLrf3t5O3g6uxg5j1syf-mTHHf6Kd4Nwjj-YLR7KRkl6g-m81buZlNfVoJtPjPDuDAg_EExguVAO1ekiC7tX...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx9ms6fnJgIHawLrf3t5O3g6uxg5j1syf-mTHHf6Kd4Nwjj-YLR7KRkl6g-m81buZlNfVoJtPjPDuDAg_EExguVAO1ekiC7...
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx9ms6fnJgIHawLrf3t5O3g6uxg5j1syf-mTHHf6Kd4Nwjj-YLR7KRkl6g-m81buZlNfVoJtPjPDuDAg_EExguVAO1ekiC7tXUwU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9ms6fnJgIHawLrf3t5O3g6uxg5j1syf-mTHHf6Kd4Nwjj-YLR7KRkl6g-m81buZlNfVoJtPjPDuDAg_EExguVAO1ekiC7tXUwU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
795b0fe1ed679097-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
597
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx9ms6fnJgIHawLrf3t5O3g6uxg5j1syf-mTHHf6Kd4Nwjj-YLR7KRkl6g-m81buZlNfVoJtPjPDuDAg_EExguVAO1ekiC7tXUwU&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx9ms6fnJgIHawLrf3t5O3g6uxg5j1syf-mTHHf6Kd4Nwjj-YLR7KRkl6g-m81buZlNfVoJtPjPDuDAg_EExguVAO1ekiC7tXUwU%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
795b0fdf8c6c9097-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BFB2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF1arKR2DZlmO4wtrzhga4E&google_push=Aa02lx95H4tyN4ZOu-no_BUPHK7JB9NMF4KskFN43rqY26L9wgaKTIUsGb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF1arKR2DZlmO4wtrzhga4E&google_push=Aa02lx95H4tyN4ZOu-no_BUPHK7JB9NMF4KskFN43rqY26L9wgaKTIUsGb00lMkYkwAL-VA8LOh7MZZPFRsp4QI7cr3AYO2qnkRwqjkP
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220027-HHN
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1675761756.099017,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF1arKR2DZlmO4wtrzhga4E&google_push=Aa02lx95H4tyN4ZOu-no_BUPHK7JB9NMF4KskFN43rqY26L9wgaKTIUsGb00lMkYkwAL-VA8LOh7MZZPFRsp4QI7cr3AYO2qnkRwqjkP
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame BFB2
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBqOPjFxzUQfBeE6b7RRfzc&google_cver=1&google_push=Aa02lx93rkvBvThKlJfT8X-7rbCVKKhWvVZKAyJtvbzi8AoZDrX7appAkhim0aOpiWfQYCojgEBUBZVrzFS23bmD...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yzG5r6oqTYaauYgcNMGVpQ2&google_push=Aa02lx93rkvBvThKlJfT8X-7rbCVKKhWvVZKAyJtvbzi8AoZDrX7appAkhim0aOpiWfQYCojgEBUBZVrzFS23bmD8rb6tm6aeWTCdbfO
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yzG5r6oqTYaauYgcNMGVpQ2&google_push=Aa02lx93rkvBvThKlJfT8X-7rbCVKKhWvVZKAyJtvbzi8AoZDrX7appAkhim0aOpiWfQYCojgEBUBZVrzFS23bmD8rb6tm6aeWTCdbfO
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 09:22:36 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=yzG5r6oqTYaauYgcNMGVpQ2&google_push=Aa02lx93rkvBvThKlJfT8X-7rbCVKKhWvVZKAyJtvbzi8AoZDrX7appAkhim0aOpiWfQYCojgEBUBZVrzFS23bmD8rb6tm6aeWTCdbfO
x-host
tde-deliveryengine-production-fb497649f-w4d4z
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame BFB2
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBzANO0yxJa_3N84abeDs0w&google_cver=1&google_push=Aa02lx_oT6CSBnN8Bgnye0hpaes11sos0nVYQfIZc-40v1olEB16f03Sl8x99Llfhx7s-dAYNOWhaDvz0_Ezk7uV-P2dNDc...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBzANO0yxJa_3N84abeDs0w&google_cver=1&google_push=Aa02lx_oT6CSBnN8Bgnye0hpaes11sos0nVYQfIZc-40v1olEB16f03Sl8x99Llfhx7s-dAYNOWhaDvz0_Ezk7uV-P2dN...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_oT6CSBnN8Bgnye0hpaes11sos0nVYQfIZc-40v1olEB16f03Sl8x99Llfhx7s-dAYNOWhaDvz0_Ezk7uV-P2dNDcvS2tmg42M
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_oT6CSBnN8Bgnye0hpaes11sos0nVYQfIZc-40v1olEB16f03Sl8x99Llfhx7s-dAYNOWhaDvz0_Ezk7uV-P2dNDcvS2tmg42M
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx_oT6CSBnN8Bgnye0hpaes11sos0nVYQfIZc-40v1olEB16f03Sl8x99Llfhx7s-dAYNOWhaDvz0_Ezk7uV-P2dNDcvS2tmg42M
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame BFB2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELMHu4Y62DPuhPVPGvzJrYU&google_cver=1&google_push=Aa02lx8Ae4HyKrIOSoyCfWmMJErKWna4iTYkjkZfakhopUOyuCvvMF9ctAeO6R34d8a5UkAT3Nz...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx8Ae4HyKrIOSoyCfWmMJErKWna4iTYkjkZfakhopUOyuCvvMF9ctAeO6R34d8a5UkAT3Nz6u0YywPVOU6U-QuhQy0Dl34OW3LKu
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx8Ae4HyKrIOSoyCfWmMJErKWna4iTYkjkZfakhopUOyuCvvMF9ctAeO6R34d8a5UkAT3Nz6u0YywPVOU6U-QuhQy0Dl34OW3LKu
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx8Ae4HyKrIOSoyCfWmMJErKWna4iTYkjkZfakhopUOyuCvvMF9ctAeO6R34d8a5UkAT3Nz6u0YywPVOU6U-QuhQy0Dl34OW3LKu
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Expires
0
pixel
cm.g.doubleclick.net/ Frame BFB2
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDYsVKRSeMQI0xjGUNxVmyE&google_cver=1&google_push=Aa02lx_wEc1USHwhtSSontvyXP9Pkis3gBGJLR1761lF_N37rJuYtR_PpnHGlaLm9IIvNc8mvJuGxynyiHHkCfNqKPIVk7-3rt...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx_wEc1USHwhtSSontvyXP9Pkis3gBGJLR1761lF_N37rJuYtR_PpnHGlaLm9IIvNc8mvJuGxynyiHHkCfNqKPIVk7-3rtL...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx_wEc1USHwhtSSontvyXP9Pkis3gBGJLR1761lF_N37rJuYtR_PpnHGlaLm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx_wEc1USHwhtSSontvyXP9Pkis3gBGJLR1761lF_N37rJuYtR_PpnHGlaLm9IIvNc8mvJuGxynyiHHkCfNqKPIVk7-3rtLkiIM
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx_wEc1USHwhtSSontvyXP9Pkis3gBGJLR1761lF_N37rJuYtR_PpnHGlaLm9IIvNc8mvJuGxynyiHHkCfNqKPIVk7-3rtLkiIM
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame BFB2
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGGPxI78yD7B74KQuil_ocw&google_cver=1&google_push=Aa02lx-f-WUnOY83j7O-nHFBxKQGJMn4D8XbXvrVCXmNLjpn9PZVLf1kJuC33jzrhnQf_1IBpt...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SbGpaWWx4RTJ1RU5CbkZhUTMwT21iY2h4b2lnNDJjMX5B&google_push=Aa02lx-f-WUnOY83j7O-nHFBxKQGJMn4D8XbXvrVCXmNLjpn9PZVLf1kJ...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SbGpaWWx4RTJ1RU5CbkZhUTMwT21iY2h4b2lnNDJjMX5B&google_push=Aa02lx-f-WUnOY83j7O-nHFBxKQGJMn4D8XbXvrVCXmNLjpn9PZVLf1kJuC33jzrhnQf_1IBpt6TDgMi__BbVNY7VuNuAhHRpGS9RSjm
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SbGpaWWx4RTJ1RU5CbkZhUTMwT21iY2h4b2lnNDJjMX5B&google_push=Aa02lx-f-WUnOY83j7O-nHFBxKQGJMn4D8XbXvrVCXmNLjpn9PZVLf1kJuC33jzrhnQf_1IBpt6TDgMi__BbVNY7VuNuAhHRpGS9RSjm
date
Tue, 07 Feb 2023 09:22:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame BFB2 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJ7E7zdfe9H2nt0WE8I5vYEXBFCSYeRRxeq5ZKQ8DD2TOnE5LjSthDgj6VJiKkYRXLs-todw
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
current
dclk-match.dotomi.com/match/bounce/ Frame 35D8 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDe5qsInFWvnRx1H12Uwh3k&google_cver=1&google_push=Aa02lx-C3tnbge8jiItVBXG6USNJOMUDRNqbvM2qbV3SIPWNrma47bCUw4Z2AqB5OJJn3Uf4xgkb4GMZFpP54aa7EhaLhISG6_d3ykc
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 35D8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RW8weHZsYnYxUHBrYnE1&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&google_cver=1&google_push=Aa02lx-PrJZyCqqrpBHdfDYBKd8kqhf4LAG74l8N96NCHKv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RW8weHZsYnYxUHBrYnE1&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&google_cver=1&google_push=Aa02lx-PrJZyCqqrpBHdfDYBKd8kqhf4LAG74l8N96NCHKvb9TiT1L1EUW8fiLk-dGjmY0NE3OQuTpUU-gbbDwEA8L7VpdSDpt--vg
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:35 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/d601d38#rel-ec2-master i-05a89a035fd5ddeba@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RW8weHZsYnYxUHBrYnE1&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&google_cver=1&google_push=Aa02lx-PrJZyCqqrpBHdfDYBKd8kqhf4LAG74l8N96NCHKvb9TiT1L1EUW8fiLk-dGjmY0NE3OQuTpUU-gbbDwEA8L7VpdSDpt--vg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 35D8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAFjcunc7ePeTMa0nl47itk&google_cver=1&google_push=Aa02lx9aaAYnC1Uoc6cXW5fTWAuPz3-camB3KBdhObJrpXNP6KvDvyNqD_f61UDPcc3FHgPMJw9z6OJwiZxxYH6x...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx9aaAYnC1Uoc6cXW5fTWAuPz3-camB3KBdhObJrpXNP6KvDvyNqD_f61UDPcc3FHgPMJw9z6OJwiZxxYH6xdYihnixa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx9aaAYnC1Uoc6cXW5fTWAuPz3-camB3KBdhObJrpXNP6KvDvyNqD_f61UDPcc3FHgPMJw9z6OJwiZxxYH6xdYihnixaVlABpx4
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 09:22:35 GMT
Server
MT3 441 9053ffc master cdg-pixel-x29 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx9aaAYnC1Uoc6cXW5fTWAuPz3-camB3KBdhObJrpXNP6KvDvyNqD_f61UDPcc3FHgPMJw9z6OJwiZxxYH6xdYihnixaVlABpx4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Feb 2023 09:22:34 GMT
i.match
s.tribalfusion.com/z/ Frame 35D8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx_Wgu6zFUCXUPHGl2IcAdTZuZvlPjwN3bG0-cIV6eR3nTpVvO6bPsuKPMRoPGVfZXtaH2YC_24m0dR3E7_v2KFtPPsLTTsFr...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx_Wgu6zFUCXUPHGl2IcAdTZuZvlPjwN3bG0-cIV6eR3nTpVvO6bPsuKPMRoPGVfZXtaH2YC_24m0dR3E7_v2KFtPPsLTTs...
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx_Wgu6zFUCXUPHGl2IcAdTZuZvlPjwN3bG0-cIV6eR3nTpVvO6bPsuKPMRoPGVfZXtaH2YC_24m0dR3E7_v2KFtPPsLTTsFrA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_Wgu6zFUCXUPHGl2IcAdTZuZvlPjwN3bG0-cIV6eR3nTpVvO6bPsuKPMRoPGVfZXtaH2YC_24m0dR3E7_v2KFtPPsLTTsFrA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
795b0fe1ed659097-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
532
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx_Wgu6zFUCXUPHGl2IcAdTZuZvlPjwN3bG0-cIV6eR3nTpVvO6bPsuKPMRoPGVfZXtaH2YC_24m0dR3E7_v2KFtPPsLTTsFrA&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_Wgu6zFUCXUPHGl2IcAdTZuZvlPjwN3bG0-cIV6eR3nTpVvO6bPsuKPMRoPGVfZXtaH2YC_24m0dR3E7_v2KFtPPsLTTsFrA%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
795b0fdf8c709097-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 35D8
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHNhUSdgLsGI8yLs0V-GjWQ&google_cver=1&google_push=Aa02lx__XqsG_NN3x0QTOqvLiJTHuh8CJdgqDqkJmQzM5L6gRJjAd5bE8hZWZAOI0Q12zfJGDeDtUxH4mNb8KTGBzHPTV74zo-oyxw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=985FC60A9A634F3B87FBB6E14F05A0C7&google_push=Aa02lx__XqsG_NN3x0QTOqvLiJTHuh8CJdgqDqkJmQzM5L6gRJjAd5bE8hZWZAOI0Q12zfJGDeDtUxH4mNb8KTG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=985FC60A9A634F3B87FBB6E14F05A0C7&google_push=Aa02lx__XqsG_NN3x0QTOqvLiJTHuh8CJdgqDqkJmQzM5L6gRJjAd5bE8hZWZAOI0Q12zfJGDeDtUxH4mNb8KTGBzHPTV74zo-oyxw
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 09:22:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=985FC60A9A634F3B87FBB6E14F05A0C7&google_push=Aa02lx__XqsG_NN3x0QTOqvLiJTHuh8CJdgqDqkJmQzM5L6gRJjAd5bE8hZWZAOI0Q12zfJGDeDtUxH4mNb8KTGBzHPTV74zo-oyxw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 06 Feb 2023 09:22:36 GMT
pixel
cm.g.doubleclick.net/ Frame 35D8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGFa0amh1FfRqxhaLKJw5ro&google_cver=1&google_push=Aa02lx9xIPJxwIYzje7uu4W8I2rb2FIwf98e7iNjpf-hsdYUftxpLxDxdO5QRb9QQ_X-kq2l5r75eUIw...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGFa0amh1FfRqxhaLKJw5ro&google_cver=1&google_push=Aa02lx9xIPJxwIYzje7uu4W8I2rb2FIwf98e7iNjpf-hsdYUftxpLxDxdO5QRb9QQ_X-kq2l5r7...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgzMjcyMjY2MzIyODMxMzE5Nw&google_push=Aa02lx9xIPJxwIYzje7uu4W8I2rb2FIwf98e7iNjpf-hsdYUftxpLxDxdO5QRb9QQ_X-kq2l5r75eU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgzMjcyMjY2MzIyODMxMzE5Nw&google_push=Aa02lx9xIPJxwIYzje7uu4W8I2rb2FIwf98e7iNjpf-hsdYUftxpLxDxdO5QRb9QQ_X-kq2l5r75eUIwHssdwiD_T-hL3HBtldZrons
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzgzMjcyMjY2MzIyODMxMzE5Nw&google_push=Aa02lx9xIPJxwIYzje7uu4W8I2rb2FIwf98e7iNjpf-hsdYUftxpLxDxdO5QRb9QQ_X-kq2l5r75eUIwHssdwiD_T-hL3HBtldZrons
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
report
sync.teads.tv/um/ Frame 35D8
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKizTKUA6eW-3RCu4HYvxQg&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx8w73gcD140sNeeG0viMsLFK69RLHQHhNYKvvmK6gfW_eZqwI4zaachpdeyS2FqdfFzSqW5sj4Smgpxiq2A0C9TyLd0NMYO42t5
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Tue, 07 Feb 2023 09:22:36 GMT
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 35D8 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lrsksx6P9bx9udpPjXVpC5ilbqLSezi1u88BGxAO4F2f_HQfYiCmCRByYpzCC7gVLgMU2THA
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
current
dclk-match.dotomi.com/match/bounce/ Frame D477 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDe5qsInFWvnRx1H12Uwh3k&google_cver=1&google_push=Aa02lx_j1CDH8ELrHPFPgC1aXcDuShJNIsJ6jF8CAOQRubHzkYnNXg0qaSgTJ1tgB-ds9maU3E6_ZiVgpkkDKWBqu_AJRC2Av6n4EDE
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame D477
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAFjcunc7ePeTMa0nl47itk&google_cver=1&google_push=Aa02lx_b7-vQkgfYrGu2TO5PNIxcfQGBHw3_1R9-oMaTbAkndzbhfpjd92PnfFm63tyPCv0U8vMm5oRaqrzKHbxp...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx_b7-vQkgfYrGu2TO5PNIxcfQGBHw3_1R9-oMaTbAkndzbhfpjd92PnfFm63tyPCv0U8vMm5oRaqrzKHbxpLSm7iNSb...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx_b7-vQkgfYrGu2TO5PNIxcfQGBHw3_1R9-oMaTbAkndzbhfpjd92PnfFm63tyPCv0U8vMm5oRaqrzKHbxpLSm7iNSbSa1TvYZe
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 09:22:36 GMT
Server
MT3 441 9053ffc master cdg-pixel-x27 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx_b7-vQkgfYrGu2TO5PNIxcfQGBHw3_1R9-oMaTbAkndzbhfpjd92PnfFm63tyPCv0U8vMm5oRaqrzKHbxpLSm7iNSbSa1TvYZe
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Feb 2023 09:22:35 GMT
pixel
cm.g.doubleclick.net/ Frame D477
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEHNhUSdgLsGI8yLs0V-GjWQ&google_cver=1&google_push=Aa02lx9qGaICRacDnnnbbbc0k3--H-APbBdwuJ0xNUyK7WPtB9ugsHx2PO7sqxiT53guR0dW_fdmjNX6hUBBIqf8rIKJNWOaPXlqRfk
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5BCC59C25B8B4F51BF98675D595522A5&google_push=Aa02lx9qGaICRacDnnnbbbc0k3--H-APbBdwuJ0xNUyK7WPtB9ugsHx2PO7sqxiT53guR0dW_fdmjNX6hUBBIqf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5BCC59C25B8B4F51BF98675D595522A5&google_push=Aa02lx9qGaICRacDnnnbbbc0k3--H-APbBdwuJ0xNUyK7WPtB9ugsHx2PO7sqxiT53guR0dW_fdmjNX6hUBBIqf8rIKJNWOaPXlqRfk
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 09:22:36 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=5BCC59C25B8B4F51BF98675D595522A5&google_push=Aa02lx9qGaICRacDnnnbbbc0k3--H-APbBdwuJ0xNUyK7WPtB9ugsHx2PO7sqxiT53guR0dW_fdmjNX6hUBBIqf8rIKJNWOaPXlqRfk
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 06 Feb 2023 09:22:36 GMT
pixel
cm.g.doubleclick.net/ Frame D477
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIdpFSniZmQmD2Rkh_VkScc&google_cver=1&google_push=Aa02lx-LqbevmvJpBp32aGNwEZWxJNV6naaeWSh8pwRU3AbQMNprqriMigjHqA0onzIEYq-D3MJpFiMUs6K...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-LqbevmvJpBp32aGNwEZWxJNV6naaeWSh8pwRU3AbQMNprqriMigjHqA0onzIEYq-D3MJpFiMUs6KEDbi4mA0I1l7IKfh536if&google_hm=zoGiFF0fTcmwuyQU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-LqbevmvJpBp32aGNwEZWxJNV6naaeWSh8pwRU3AbQMNprqriMigjHqA0onzIEYq-D3MJpFiMUs6KEDbi4mA0I1l7IKfh536if&google_hm=zoGiFF0fTcmwuyQUwI8NPmc
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:35 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-LqbevmvJpBp32aGNwEZWxJNV6naaeWSh8pwRU3AbQMNprqriMigjHqA0onzIEYq-D3MJpFiMUs6KEDbi4mA0I1l7IKfh536if&google_hm=zoGiFF0fTcmwuyQUwI8NPmc
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D477
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBqOPjFxzUQfBeE6b7RRfzc&google_cver=1&google_push=Aa02lx_AIrI0kIdGHm24ys2GINR27X3JjmrF-QWziRcYJwFlI0bVEhOQfPG037c3APvC22Za1q-e9-vlH8RIVlSs...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-xF4UGR0QfmMKGqnkReSVw2&google_push=Aa02lx_AIrI0kIdGHm24ys2GINR27X3JjmrF-QWziRcYJwFlI0bVEhOQfPG037c3APvC22Za1q-e9-vlH8RIVlSsuQMyCJXpeC0kXmRA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-xF4UGR0QfmMKGqnkReSVw2&google_push=Aa02lx_AIrI0kIdGHm24ys2GINR27X3JjmrF-QWziRcYJwFlI0bVEhOQfPG037c3APvC22Za1q-e9-vlH8RIVlSsuQMyCJXpeC0kXmRA
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 09:22:36 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=-xF4UGR0QfmMKGqnkReSVw2&google_push=Aa02lx_AIrI0kIdGHm24ys2GINR27X3JjmrF-QWziRcYJwFlI0bVEhOQfPG037c3APvC22Za1q-e9-vlH8RIVlSsuQMyCJXpeC0kXmRA
x-host
tde-deliveryengine-production-fb497649f-w4d4z
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame D477
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOkRf6h2zR1xi4jWJMaEh4E&google_cver=1&google_push=Aa02lx--UxxJjrGXuxtSy5-AXxcHqLFlnNYsg6IL2CohHXZvouBMCoLUJJmn5FiKPZRCh02O-PczmwDcxSYWATm1r...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOkRf6h2zR1xi4jWJMaEh4E&google_cver=1&google_push=Aa02lx--UxxJjrGXuxtSy5-AXxcHqLFlnNYsg6IL2CohHXZvouBMCoLUJJmn5FiKPZRCh02O-PczmwDcxSYWATm1r...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx--UxxJjrGXuxtSy5-AXxcHqLFlnNYsg6IL2CohHXZvouBMCoLUJJmn5FiKPZRCh02O-PczmwDcxSYWATm1rQFwr3elcraBO5kI&google_hm=GHbSDGZHTiizMHpORE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx--UxxJjrGXuxtSy5-AXxcHqLFlnNYsg6IL2CohHXZvouBMCoLUJJmn5FiKPZRCh02O-PczmwDcxSYWATm1rQFwr3elcraBO5kI&google_hm=GHbSDGZHTiizMHpOREetfWxO
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 09:22:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx--UxxJjrGXuxtSy5-AXxcHqLFlnNYsg6IL2CohHXZvouBMCoLUJJmn5FiKPZRCh02O-PczmwDcxSYWATm1rQFwr3elcraBO5kI&google_hm=GHbSDGZHTiizMHpOREetfWxO
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame D477
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESELUSMkC3d...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=7b98b217-8a90-4507-852e-bd18524b0892&%%GOOGLE_PUSH_PAIR%%
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=7b98b217-8a90-4507-852e-bd18524b0892&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=7b98b217-8a90-4507-852e-bd18524b0892&%%GOOGLE_PUSH_PAIR%%
date
Tue, 07 Feb 2023 09:22:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame D477 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IkCIzMVY8RmqpcAwWfRSrz5KwcwS960VqkL0kM4i-67A1k5Vz8CIVFr3Brpi5i5yzZzhR4xQ
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
i.match
s.tribalfusion.com/z/ Frame E7FD
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx-sANq6Mms0gtroCYRL-cRTdMkfP38cT44QJf6qWmYe62p97ZaJWcqE853xPM7_FklefTweJYQQqlVr7eVZarXojpygX4DT5...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx-sANq6Mms0gtroCYRL-cRTdMkfP38cT44QJf6qWmYe62p97ZaJWcqE853xPM7_FklefTweJYQQqlVr7eVZarXojpygX4D...
43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx-sANq6Mms0gtroCYRL-cRTdMkfP38cT44QJf6qWmYe62p97ZaJWcqE853xPM7_FklefTweJYQQqlVr7eVZarXojpygX4DT5pY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-sANq6Mms0gtroCYRL-cRTdMkfP38cT44QJf6qWmYe62p97ZaJWcqE853xPM7_FklefTweJYQQqlVr7eVZarXojpygX4DT5pY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
795b0fe1ed689097-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
179
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx-sANq6Mms0gtroCYRL-cRTdMkfP38cT44QJf6qWmYe62p97ZaJWcqE853xPM7_FklefTweJYQQqlVr7eVZarXojpygX4DT5pY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx-sANq6Mms0gtroCYRL-cRTdMkfP38cT44QJf6qWmYe62p97ZaJWcqE853xPM7_FklefTweJYQQqlVr7eVZarXojpygX4DT5pY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
795b0fdf8c6e9097-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E7FD
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mL_FPdQdRFqLgJx3D_g4bA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mL_FPdQdRFqLgJx3D_g4bA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_hcQ_XT0Y42E_Wnh3w8K2C_M33nJ9o1sXGTAoiJUpAH0xfilUT52RqVP1oVko8KcfzdB9BxyXdFklrUrii8FVxC-sG2S26_BM
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mL_FPdQdRFqLgJx3D_g4bA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_hcQ_XT0Y42E_Wnh3w8K2C_M33nJ9o1sXGTAoiJUpAH0xfilUT52RqVP1oVko8KcfzdB9BxyXdFklrUrii8FVxC-sG2S26_BM
date
Tue, 07 Feb 2023 09:22:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame E7FD
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEM6J9xn0N-a9qOKiMrInlVc&google_cver=1&google_push=Aa02lx9AXUhICe6KM6jvmeAn1PfqYHJa4a8knKnsNjMEkLIeBzahpg4eyCLJbdfjx0tH8mWvNRTmH4ToyPCHXtPe...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9AXUhICe6KM6jvmeAn1PfqYHJa4a8knKnsNjMEkLIeBzahpg4eyCLJbdfjx0tH8mWvNRTmH4ToyPCHXtPeW_XAqKsC8UwfIg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9AXUhICe6KM6jvmeAn1PfqYHJa4a8knKnsNjMEkLIeBzahpg4eyCLJbdfjx0tH8mWvNRTmH4ToyPCHXtPeW_XAqKsC8UwfIg
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 09:22:36 GMT
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
GeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9AXUhICe6KM6jvmeAn1PfqYHJa4a8knKnsNjMEkLIeBzahpg4eyCLJbdfjx0tH8mWvNRTmH4ToyPCHXtPeW_XAqKsC8UwfIg
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
E8ZZtgztDrx1EJCeBNSdQW2hVc-qqTWed5D5H2lfGsTlZ1lNyvOYpQ==
pixel
cm.g.doubleclick.net/ Frame E7FD
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEBtigVVjRKJN5SICtau288M&google_cver=1&google_push=Aa02lx8D_lCQxoxCxHTq0UsC7m9zKfyZAmuhM-ArVYbKOqmCzVKBxG7S4CLEmEYeK-fSK8ixg8fU7wFrvuEDclRxAGYnCZ...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEBtigVVjRKJN5SICtau288M&google_cver=1&google_push=Aa02lx8D_lCQxoxCxHTq0UsC7m9zKfyZAmuhM-ArVYbKOqmCzVKBxG7S4CLEmEYeK-fSK8ixg8fU7wFrvuEDclRx...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=KZmG4zmUTSW3yR75tWbThg&google_push=Aa02lx8D_lCQxoxCxHTq0UsC7m9zKfyZAmuhM-ArVYbKOqmCzVKBxG7S4CLEmEYeK-fSK8ixg8fU7wFrvuEDclR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=KZmG4zmUTSW3yR75tWbThg&google_push=Aa02lx8D_lCQxoxCxHTq0UsC7m9zKfyZAmuhM-ArVYbKOqmCzVKBxG7S4CLEmEYeK-fSK8ixg8fU7wFrvuEDclRxAGYnCZ3f5Y4X8A
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=KZmG4zmUTSW3yR75tWbThg&google_push=Aa02lx8D_lCQxoxCxHTq0UsC7m9zKfyZAmuhM-ArVYbKOqmCzVKBxG7S4CLEmEYeK-fSK8ixg8fU7wFrvuEDclRxAGYnCZ3f5Y4X8A
access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:36 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame E7FD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx9QSJuuJPd19vPawncZv1GhDnh-M0a7J4j1j2jBVxaGLjm9cuhqpu2mt_bDstn5W0Vi7Lg-yT_rEN-hrQ9r-mDgblMpPTNtyis&redir=https%3A%2F%2Fcm.g.do...
  • https://sync.targeting.unrulymedia.com/csync/RX-3593d9ee-e5b1-44a7-8e7e-e9a804fe6201-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx9QSJuuJPd19vPawncZv...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9QSJuuJPd19vPawncZv1GhDnh-M0a7J4j1j2jBVxaGLjm9cuhqpu2mt_bDstn5W0Vi7Lg-yT_rEN-hrQ9r-mDgblMpPTNtyis&google_hm=AzWT2e7lsUSnjn7pqAT-YgE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9QSJuuJPd19vPawncZv1GhDnh-M0a7J4j1j2jBVxaGLjm9cuhqpu2mt_bDstn5W0Vi7Lg-yT_rEN-hrQ9r-mDgblMpPTNtyis&google_hm=AzWT2e7lsUSnjn7pqAT-YgE
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx9QSJuuJPd19vPawncZv1GhDnh-M0a7J4j1j2jBVxaGLjm9cuhqpu2mt_bDstn5W0Vi7Lg-yT_rEN-hrQ9r-mDgblMpPTNtyis&google_hm=AzWT2e7lsUSnjn7pqAT-YgE
date
Tue, 07 Feb 2023 09:22:36 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3593d9eee5b144a78e7ee9a804fe6201003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame E7FD
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDYsVKRSeMQI0xjGUNxVmyE&google_cver=1&google_push=Aa02lx8jJsFsFiFxovhpk-YRcwv779BAdSc76a9rCavBogVRqaKgQF0rdEI0ylUQHiMb0QOK92U0TcThvPs78iGIbBnlX3P8WI...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8jJsFsFiFxovhpk-YRcwv779BAdSc76a9rCavBogVRqaKgQF0rdEI0ylUQHiMb0QOK92U0TcThvPs78iGIbBnlX3P8WIn...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx8jJsFsFiFxovhpk-YRcwv779BAdSc76a9rCavBogVRqaKgQF0rdEI0ylUQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx8jJsFsFiFxovhpk-YRcwv779BAdSc76a9rCavBogVRqaKgQF0rdEI0ylUQHiMb0QOK92U0TcThvPs78iGIbBnlX3P8WIniIUk
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU3NTE1OTExOTc2MzgyOTc1NTIy&google_push=Aa02lx8jJsFsFiFxovhpk-YRcwv779BAdSc76a9rCavBogVRqaKgQF0rdEI0ylUQHiMb0QOK92U0TcThvPs78iGIbBnlX3P8WIniIUk
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
googleredir
googlecm.hit.gemius.pl/ Frame E7FD 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame E7FD 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KNlxFlciR3BxlnoCiRLhy0t8puI6S0SSvqPq07XkAgrz9kPQD7vnrz0ThYjT9hWLPZGdAFPA
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame DC51
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RW8weHZsYnYxUHBrYnE1&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&google_cver=1&google_push=Aa02lx8-rifUc4lkICc0fYwV7pktbB6Kvj96FcvHjJMYMu7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RW8weHZsYnYxUHBrYnE1&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&google_cver=1&google_push=Aa02lx8-rifUc4lkICc0fYwV7pktbB6Kvj96FcvHjJMYMu7OKtjqyi2SBJn0NZMETfB_4gzCph9NeRp-Q8OoLXVBJr7uuR95UocfmFw
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:35 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/d601d38#rel-ec2-master i-02d4862961d254dec@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RW8weHZsYnYxUHBrYnE1&google_gid=CAESELClD4fNwQ6k76jNrLiH8SY&google_cver=1&google_push=Aa02lx8-rifUc4lkICc0fYwV7pktbB6Kvj96FcvHjJMYMu7OKtjqyi2SBJn0NZMETfB_4gzCph9NeRp-Q8OoLXVBJr7uuR95UocfmFw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DC51
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAFjcunc7ePeTMa0nl47itk&google_cver=1&google_push=Aa02lx_Luh16SqFyjSWqxwE7rWNCnXABMf7o9zcj64joE2gXrq3NJ0jtpQLwRir1SmcQyuzIAwD61PFErLJS-ymT...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx_Luh16SqFyjSWqxwE7rWNCnXABMf7o9zcj64joE2gXrq3NJ0jtpQLwRir1SmcQyuzIAwD61PFErLJS-ymTR7z_xZuq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx_Luh16SqFyjSWqxwE7rWNCnXABMf7o9zcj64joE2gXrq3NJ0jtpQLwRir1SmcQyuzIAwD61PFErLJS-ymTR7z_xZuqP3KyquI
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 09:22:36 GMT
Server
MT3 441 9053ffc master cdg-pixel-x27 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx_Luh16SqFyjSWqxwE7rWNCnXABMf7o9zcj64joE2gXrq3NJ0jtpQLwRir1SmcQyuzIAwD61PFErLJS-ymTR7z_xZuqP3KyquI
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Feb 2023 09:22:35 GMT
google_sync_status
x.bidswitch.net/ Frame DC51
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENfq-4O-xkzG26ctR_mgacc&google_cver=1&google_push=Aa02lx8AQ7l-kPtIc8YRvqITSEpShVy_OgJWRRfzn6IwiEYH-WEixIo0Jyvzv3loG3AEfaqWp3CD94PM30O0Pvd0icAO...
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=7b98b217-8a90-4507-852e-bd18524b0892
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=7b98b217-8a90-4507-852e-bd18524b0892
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=29ad7709-a9c6-4fe9-943e-d73342d62aaf&user_group=1&ssp=google&bsw_param=7b98b217-8a90-4507-852e-bd18524b0892
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=e5iyF4qQRQeFLr0YUksIkg==
  • https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESENfq-4O-xkzG26ctR_mgacc&google_cver=1
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESENfq-4O-xkzG26ctR_mgacc&google_cver=1
Protocol
H2
Server
52.58.133.213 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-133-213.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESENfq-4O-xkzG26ctR_mgacc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DC51
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELMHu4Y62DPuhPVPGvzJrYU&google_cver=1&google_push=Aa02lx_mZ5s_GzXpwyf4Lo8SkkNwkmdkedEirm41_5HYUroIypfK1KVDIPGB5Pz3KhDk7j1TR2U...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx_mZ5s_GzXpwyf4Lo8SkkNwkmdkedEirm41_5HYUroIypfK1KVDIPGB5Pz3KhDk7j1TR2UAsHmaA2ZBa8CXYfWtnol0ufqPCuk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx_mZ5s_GzXpwyf4Lo8SkkNwkmdkedEirm41_5HYUroIypfK1KVDIPGB5Pz3KhDk7j1TR2UAsHmaA2ZBa8CXYfWtnol0ufqPCuk
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx_mZ5s_GzXpwyf4Lo8SkkNwkmdkedEirm41_5HYUroIypfK1KVDIPGB5Pz3KhDk7j1TR2UAsHmaA2ZBa8CXYfWtnol0ufqPCuk
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
pixel
cm.g.doubleclick.net/ Frame DC51
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEINAY1rprgViFs1ttkkx3qg&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEINAY1rprgViFs1ttkkx3qg&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEINAY1rprgViFs1ttkkx3qg&google_hm=Y-IYXJahVj7h3mo3JgEwQwAABJoAAAAB&google_nid=index&google_push=Aa02lx81c8v2zmlHqEYUsmeCaon8MJo11AM2N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEINAY1rprgViFs1ttkkx3qg&google_hm=Y-IYXJahVj7h3mo3JgEwQwAABJoAAAAB&google_nid=index&google_push=Aa02lx81c8v2zmlHqEYUsmeCaon8MJo11AM2N2ZfQKFBCvywTbhtmgGDyQt2PSX96VthmTkbMXNHo2PmcR6ZbZym0GdIITnhJ2MtjNw
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZrUE1uh0wMmL4rtTd9%2FHVtf6haXI1nyCE0a4N2xdnhRyEyaR5HinUX%2BjavtazQRgwjt0om9cDVQqX5Ux4rTCwmU%2FO6FKAi2m8hDCPtm6baVXeoTYbAqgfFId09wX0TlScm7wvTIJCVoVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEINAY1rprgViFs1ttkkx3qg&google_hm=Y-IYXJahVj7h3mo3JgEwQwAABJoAAAAB&google_nid=index&google_push=Aa02lx81c8v2zmlHqEYUsmeCaon8MJo11AM2N2ZfQKFBCvywTbhtmgGDyQt2PSX96VthmTkbMXNHo2PmcR6ZbZym0GdIITnhJ2MtjNw
cache-control
no-cache
cf-ray
795b0fe1bd293826-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame DC51
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEM6J9xn0N-a9qOKiMrInlVc&google_cver=1&google_push=Aa02lx9CeXolyLbQssBjSt2K4algk3ZeAlM_yA7i8776IsuHrR6zwyr0WkuHeyKkb1Nj-khSKpOaCGNfEk_a_Euj...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9CeXolyLbQssBjSt2K4algk3ZeAlM_yA7i8776IsuHrR6zwyr0WkuHeyKkb1Nj-khSKpOaCGNfEk_a_EujP6_W8khhrMQ0uGU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9CeXolyLbQssBjSt2K4algk3ZeAlM_yA7i8776IsuHrR6zwyr0WkuHeyKkb1Nj-khSKpOaCGNfEk_a_EujP6_W8khhrMQ0uGU
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 09:22:36 GMT
via
1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P5
x-cache
GeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9CeXolyLbQssBjSt2K4algk3ZeAlM_yA7i8776IsuHrR6zwyr0WkuHeyKkb1Nj-khSKpOaCGNfEk_a_EujP6_W8khhrMQ0uGU
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
Y-b54pQUbRU3dNpg4QHwEj14QIQ-OFVa5x9d5tVQQzyDpmEYTDWYAA==
pixel
cm.g.doubleclick.net/ Frame DC51
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGGPxI78yD7B74KQuil_ocw&google_cver=1&google_push=Aa02lx8pYVJ1IyHeEEDVTpBmqBMXAt5BWHVyGB-JKezgUu_4Db9xT_hVq6V5zQOotmzPDuYauU...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SbGpaWWx4RTJ1RU5CbkZhUTMwT21iY2h4b2lnNDJjMX5B&google_push=Aa02lx8pYVJ1IyHeEEDVTpBmqBMXAt5BWHVyGB-JKezgUu_4Db9xT_hVq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SbGpaWWx4RTJ1RU5CbkZhUTMwT21iY2h4b2lnNDJjMX5B&google_push=Aa02lx8pYVJ1IyHeEEDVTpBmqBMXAt5BWHVyGB-JKezgUu_4Db9xT_hVq6V5zQOotmzPDuYauUVBtjfhu2UVlsfL6DB6b1mfTKgQokPN
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1SbGpaWWx4RTJ1RU5CbkZhUTMwT21iY2h4b2lnNDJjMX5B&google_push=Aa02lx8pYVJ1IyHeEEDVTpBmqBMXAt5BWHVyGB-JKezgUu_4Db9xT_hVq6V5zQOotmzPDuYauUVBtjfhu2UVlsfL6DB6b1mfTKgQokPN
date
Tue, 07 Feb 2023 09:22:35 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame DC51 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K7wYrznfgxWQZi7_s23_A9ceMeOnrrh4J35V_6WYjxhtbBHLTvrMxpdOFnN-JK9sl006PA_Q
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 289E 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39973d5b491c08f9acdba2126c4490241c7be3ff921ccd55da80e2581671cdd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 08D9 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI99FzmcRpC7XE05ccINjxM&google_cver=1&google_push=Aa02lx-uI3_NV60KlxNshr4_MHl2R63hED1JP3UiENtL451ngCEeQekZ1Ou-NivvX3vocNZ93voooNBMhrLldSxuAorFwl1OoOakbtM
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 08D9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDsRFYrIb8yQKwDlmwgExCo&google_cver=1&google_push=Aa02lx_jvNFUZC9Pgb13B7vPgjDTt72HdUs003nQkYnJBKoMsDegpsdtvObR9FUx4KjQudPEKw3juMbK5ZCr77...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NzM0MTkzNzkxMTE5OTg5Mw%3D%3D&google_push=Aa02lx_jvNFUZC9Pgb13B7vPgjDTt72HdUs003nQkYnJBKoMsDegpsdtvObR9FUx4KjQudPEKw3juMbK5ZCr77l_GL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NzM0MTkzNzkxMTE5OTg5Mw%3D%3D&google_push=Aa02lx_jvNFUZC9Pgb13B7vPgjDTt72HdUs003nQkYnJBKoMsDegpsdtvObR9FUx4KjQudPEKw3juMbK5ZCr77l_GL3Y8nNw7Y57mQk
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NzM0MTkzNzkxMTE5OTg5Mw%3D%3D&google_push=Aa02lx_jvNFUZC9Pgb13B7vPgjDTt72HdUs003nQkYnJBKoMsDegpsdtvObR9FUx4KjQudPEKw3juMbK5ZCr77l_GL3Y8nNw7Y57mQk
Date
Tue, 07 Feb 2023 09:22:36 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 08D9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENfq-4O-xkzG26ctR_mgacc&google_cver=1&google_push=Aa02lx8VehFq4s9bL3w84Z10Cv6pB7ROEkXVB7w8o31-KXJNGn6uxQSOcJ2pi1cqZ8YTziCFZYPgQplYpNIuzDvHPwiN...
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c674d416-b260-42c6-b456-c7fb4ce85264&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8VehFq4s9bL3w84Z10Cv6pB7ROEkXVB7w8o31-KXJNGn6uxQSOcJ2pi1cqZ8YTziCFZYPgQplYpNIuzDvHPwiNODsYv1b0rhA&google_hm=e5iyF4qQRQeFLr0YUksI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8VehFq4s9bL3w84Z10Cv6pB7ROEkXVB7w8o31-KXJNGn6uxQSOcJ2pi1cqZ8YTziCFZYPgQplYpNIuzDvHPwiNODsYv1b0rhA&google_hm=e5iyF4qQRQeFLr0YUksIkg==
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:37 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx8VehFq4s9bL3w84Z10Cv6pB7ROEkXVB7w8o31-KXJNGn6uxQSOcJ2pi1cqZ8YTziCFZYPgQplYpNIuzDvHPwiNODsYv1b0rhA&google_hm=e5iyF4qQRQeFLr0YUksIkg==
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 08D9
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAVA7R2YHYO1qbAhk3dygEo&google_cver=1&google_push=Aa02lx_S2QjavoC0eFBFWet4dUPhiCs21fytVnnLIRKt6UHVk_vugzOP_r9rT-Mp1Kb7AtzDE2vxZSlodVPB...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_S2QjavoC0eFBFWet4dUPhiCs21fytVnnLIRKt6UHVk_vugzOP_r9rT-Mp1Kb7AtzDE2vxZSlodVPBQNDgdeE6BUK6h2b0yQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_S2QjavoC0eFBFWet4dUPhiCs21fytVnnLIRKt6UHVk_vugzOP_r9rT-Mp1Kb7AtzDE2vxZSlodVPBQNDgdeE6BUK6h2b0yQ
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx_S2QjavoC0eFBFWet4dUPhiCs21fytVnnLIRKt6UHVk_vugzOP_r9rT-Mp1Kb7AtzDE2vxZSlodVPBQNDgdeE6BUK6h2b0yQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 08D9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEA...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_eNyti5Vw414xk0YU_zx-gVltid9K-pjPWYkiHBZw-SlwAn_4Q_65JnLTYKC_JedPXEoPbjRAhSIHns8pdHwbsAkqJ3fTGaN4&redir=https%3A%2F%2Fcm.g.do...
  • https://sync.targeting.unrulymedia.com/csync/RX-3593d9ee-e5b1-44a7-8e7e-e9a804fe6201-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_eNyti5Vw414xk0YU_z...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_eNyti5Vw414xk0YU_zx-gVltid9K-pjPWYkiHBZw-SlwAn_4Q_65JnLTYKC_JedPXEoPbjRAhSIHns8pdHwbsAkqJ3fTGaN4&google_hm=AzWT2e7lsUSnjn7pqAT-YgE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_eNyti5Vw414xk0YU_zx-gVltid9K-pjPWYkiHBZw-SlwAn_4Q_65JnLTYKC_JedPXEoPbjRAhSIHns8pdHwbsAkqJ3fTGaN4&google_hm=AzWT2e7lsUSnjn7pqAT-YgE
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_eNyti5Vw414xk0YU_zx-gVltid9K-pjPWYkiHBZw-SlwAn_4Q_65JnLTYKC_JedPXEoPbjRAhSIHns8pdHwbsAkqJ3fTGaN4&google_hm=AzWT2e7lsUSnjn7pqAT-YgE
date
Tue, 07 Feb 2023 09:22:36 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3593d9eee5b144a78e7ee9a804fe6201003
content-type
text/html
googleredir
googlecm.hit.gemius.pl/ Frame 08D9 		0
0
report
sync.teads.tv/um/ Frame 08D9
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKizTKUA6eW-3RCu4HYvxQg&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx-CXmd-gWv4YxacTnobs_asoCwgjLngnM2GjeLjyp53fyN7Y-kwnxIKwSP7-kxxvoc2XuXhB-2s8xSahf__MkTiGB6MG0-0M8FC
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Tue, 07 Feb 2023 09:22:36 GMT
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 08D9 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I4P5kClaK4wzW3galosRXHlPGqFKNa5RgdA54m7NdRU0aSAeza-6iaPBTZlrdsMSHpNn2YMhE
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame D80C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa8b2e11d22e3459a3e32d5786d3ec090ed74cc87241f684a0c05333cf352aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6C47 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79ef0c460dc97dc5af333616f19018a5b80112ea56c74f0468df4b582db7c84b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8854 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67159
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 14:43:17 GMT
etag
48472445140208031
expires
Tue, 07 Feb 2023 14:43:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7402 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fac766fdeddd2b5bd333bcea731d81ef25767eb9e0406a6a0aa83541d4b8549

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 46FE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
878987235418913eb43665f131a51dcc79f3aa5d517a5e04f5266d4945ff1c53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame DDF0 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
221a085665362b63a3d6e4f6d5274193bbaf0abfc21b46d31371a387759a7532

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
usync.html
ad.lkqd.net/cookie-sync/ Frame C096 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Tue, 07 Feb 2023 09:22:36 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1675761756.cds151.fr8.hn,1675761756.cds288.fr8.c
ad
v.lkqd.net/ Frame 7338 		57 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=88028436&m=&rtv=1&thost=www.lebanonfiles.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
c27c261a9d58126b1bb06aad02423733cc036f17ce63ccb0582967d806f43aff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Feb 2023 09:22:36 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3846
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=88028436&m=&rtv=1&thost=www.lebanonfiles.com
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Access-Control-Expose-Headers
Content-Type, Content-Disposition
Access-Control-Max-Age
300
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Feb 2023 09:22:36 GMT
Server
nginx
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4621 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
67159
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 06 Feb 2023 14:43:17 GMT
etag
48472445140208031
expires
Tue, 07 Feb 2023 14:43:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 860F 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02bd577035baf8b157e0ba285776fbe8703bddbf1203f719f3a03ae862383622

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame DDF0 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 17:04:17 GMT
x-content-type-options
nosniff
age
145099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:04:17 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 10C2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
800
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhdGYOQJvamYQJXW1gKDMXlOxfjpI0JXuXVz%2FI9HC5GiLTZEPtwJcSBgP7g6FWmt6EfmxgbG7ACAomTxB%2BTlZpUdFiSNx3ElOwlVk9z4dllUodVAfNF1tQc6OjYtbCZ%2BY9TTVTdKs6Qlk9GJM2ctt%2BXL"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
795b0fe28ba89b45-FRA
expires
Tue, 07 Feb 2023 09:30:16 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 860F 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 17:04:17 GMT
x-content-type-options
nosniff
age
145099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Feb 2024 17:04:17 GMT
t
t.lkqd.net/ Frame 5884 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:36 GMT
server
nginx
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 13D6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
800
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SonLCE0%2FcFixNlA4%2BtBO3JDQ4w8MsoNGhMU4b1%2FpsUXM3YjlcrOWm8EUJ0niolxu0Rs1aGzqvEiw2uMzCLzXVC7aTUPVkCaLRSdnv0A4t9sCsFu5I1Djf1WPf88d5myLKbqreKKWszL%2BtLEr5qwdQlDh"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
795b0fe28bac9b45-FRA
expires
Tue, 07 Feb 2023 09:30:16 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5795 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
800
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zH2Fc05UdoG2HyLSBv0mKPFuH2Kfo40ghZmvPK0ElhoPGzeLk6ATPrx6JqrXA1OqFUatZdUiGx0Beia2j326vr26njmlZW59f7LSQdjf%2Fvz6IA20rCt%2BCDLzQoxQZhw6Ry%2F%2Bm0R7dCwWgmcjVHGA1r5r"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
795b0fe28baa9b45-FRA
expires
Tue, 07 Feb 2023 09:30:16 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 8A0E 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
800
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIkg2nxhlmCNaeZfrGTk9Vj6FMQiwVuwF9FSHpw7VN%2BV7Hb7flmz9v8u9i6OAKAwY5btAc27z15%2FLfYk%2FkfNSMpjVQg%2F6Ui%2BgoYZ7pglYDXjyXYmAYpanFJM3ocoT%2Bu1qnfoZb6QQXqAqX6j9GAMHxzQ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
795b0fe28baf9b45-FRA
expires
Tue, 07 Feb 2023 09:30:16 GMT
frame.html
ad4m.at/ Frame DB80 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1867411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
795b0fe2899291d2-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 09:22:36 GMT
expires
Thu, 12 Jan 2023 18:57:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=49SnaCCH15eVo1pOukwKLuW0MmZ7h9ynrcNN%2FklpyYKLc8qAYktaZgIRrwQFOT9wqiACGmXIoRQr3etLXnFxhm%2FvRotX45g5rVxs%2FexXeZ1fXHQ8FHo3XRsahWYqMJKhVs0PJoE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 8E88 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1867411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
795b0fe2899491d2-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 09:22:36 GMT
expires
Thu, 12 Jan 2023 18:57:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFg%2Bo35NCUcygyQRHtOvNkLGFbIrIBCsiC0FZGF%2FuMBHOno%2BZbca72br7y0bzju4KaHReBMUzGrzBKmprb%2Ftl9qMjj4AMvED97v4Ntw4IoYDmkBU3zI3mlBaQyP%2F%2FlWxkhP6e6g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5989 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
800
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E53psvoJvw7ydPRbLrfpZr6rz%2FbuCf18MN8tkmfAYTV7Nu55V8J2GZREECwMuu79RcmibZ1a7oBsbWSr4g4SbOwnRvGVB4GVNK9aHwtqyteehUCu4LK%2BKQI09NKkq0HT%2BfBvg4XZvjUCdzidj4ylLaEs"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
795b0fe28ba99b45-FRA
expires
Tue, 07 Feb 2023 09:30:16 GMT
pixel
cm.g.doubleclick.net/ Frame 8854
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAFjcunc7ePeTMa0nl47itk&google_cver=1&google_push=Aa02lx_HP03OVA5b5EbwTqw9y13yzVBGsocdidA_jy4c4ken3mGVmzv89sJD7gInXZ5B-Jh_NHMBHHFxndfPeLkZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx_HP03OVA5b5EbwTqw9y13yzVBGsocdidA_jy4c4ken3mGVmzv89sJD7gInXZ5B-Jh_NHMBHHFxndfPeLkZImGKD8Nh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx_HP03OVA5b5EbwTqw9y13yzVBGsocdidA_jy4c4ken3mGVmzv89sJD7gInXZ5B-Jh_NHMBHHFxndfPeLkZImGKD8Nhdu0QRwP1
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 09:22:36 GMT
Server
MT3 441 9053ffc master cdg-pixel-x26 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx_HP03OVA5b5EbwTqw9y13yzVBGsocdidA_jy4c4ken3mGVmzv89sJD7gInXZ5B-Jh_NHMBHHFxndfPeLkZImGKD8Nhdu0QRwP1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Feb 2023 09:22:35 GMT
i.match
a.tribalfusion.com/ Frame 8854 		43 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx92zml01lvescosW9u8NLJHA_e6Sq4hFfkGH6no-O-57s1O9BtXT91ej8Ja_D3dD8bVyom3pEnoD17aWholJ8MBNSBkuP6DDKOl&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx92zml01lvescosW9u8NLJHA_e6Sq4hFfkGH6no-O-57s1O9BtXT91ej8Ja_D3dD8bVyom3pEnoD17aWholJ8MBNSBkuP6DDKOl%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
795b0fe29dcd9097-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8854
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIdpFSniZmQmD2Rkh_VkScc&google_cver=1&google_push=Aa02lx-i9OeRwPDNZPk34BIDQCNyzN7tOrHDEf3cDdkzCgzf5q2lm2WsDpsjukE_PFyTXwJSXIwyPAp3cjp...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-i9OeRwPDNZPk34BIDQCNyzN7tOrHDEf3cDdkzCgzf5q2lm2WsDpsjukE_PFyTXwJSXIwyPAp3cjp737umLmBvnarw857Aksug&google_hm=zoGiFF0fTcmwuyQU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-i9OeRwPDNZPk34BIDQCNyzN7tOrHDEf3cDdkzCgzf5q2lm2WsDpsjukE_PFyTXwJSXIwyPAp3cjp737umLmBvnarw857Aksug&google_hm=zoGiFF0fTcmwuyQUwI8NPmc
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:35 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx-i9OeRwPDNZPk34BIDQCNyzN7tOrHDEf3cDdkzCgzf5q2lm2WsDpsjukE_PFyTXwJSXIwyPAp3cjp737umLmBvnarw857Aksug&google_hm=zoGiFF0fTcmwuyQUwI8NPmc
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 8854 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHZWxKonZkbbqnzmqA598AM&google_push=Aa02lx9Sgaidg5HpHsluiFifSZKhMrzAhbpGN2QlG_PE0vTHLop8FikuaEythtEl2VKW226oYTKBJ2JlLXjd-wR_EST46IRASQS4XuE&google_cver=1
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8854
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGFa0amh1FfRqxhaLKJw5ro&google_cver=1&google_push=Aa02lx8p8iQXMhSZsvBf7hIjDcmntOqoxp9reullF1U7JoO8gC7D1WqzDXI96kjW42PqXKBvedXfy0kh...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU4MTcwNjk5MDUzMjA0NzM2MA&google_push=Aa02lx8p8iQXMhSZsvBf7hIjDcmntOqoxp9reullF1U7JoO8gC7D1WqzDXI96kjW42PqXKBvedXfy0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU4MTcwNjk5MDUzMjA0NzM2MA&google_push=Aa02lx8p8iQXMhSZsvBf7hIjDcmntOqoxp9reullF1U7JoO8gC7D1WqzDXI96kjW42PqXKBvedXfy0khQgZdZtIZqmvv7CFxCclccCKf
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjU4MTcwNjk5MDUzMjA0NzM2MA&google_push=Aa02lx8p8iQXMhSZsvBf7hIjDcmntOqoxp9reullF1U7JoO8gC7D1WqzDXI96kjW42PqXKBvedXfy0khQgZdZtIZqmvv7CFxCclccCKf
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 8854
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELMHu4Y62DPuhPVPGvzJrYU&google_cver=1&google_push=Aa02lx9xWesqUpGAnsfc_pbaBwockdEsdl6MXg7Iq4H-rDbCIISZzxr3qOuTdtL4aMEXSxWRkaV...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx9xWesqUpGAnsfc_pbaBwockdEsdl6MXg7Iq4H-rDbCIISZzxr3qOuTdtL4aMEXSxWRkaVr-FZM2ZWzL7xwx3RlXFZmcuzn5Wg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx9xWesqUpGAnsfc_pbaBwockdEsdl6MXg7Iq4H-rDbCIISZzxr3qOuTdtL4aMEXSxWRkaVr-FZM2ZWzL7xwx3RlXFZmcuzn5Wg
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERVMUE1MzAtMjItRTY2Rg==&google_push=Aa02lx9xWesqUpGAnsfc_pbaBwockdEsdl6MXg7Iq4H-rDbCIISZzxr3qOuTdtL4aMEXSxWRkaVr-FZM2ZWzL7xwx3RlXFZmcuzn5Wg
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
Expires
0
report
sync.teads.tv/um/ Frame 8854
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKizTKUA6eW-3RCu4HYvxQg&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx9RLgYnvx8r_VXzpqV-z9unLngCcSn4U_CVmxqiQRpPk1lCGxMxFwJ5Gl8M-m9GDveB9l-0Dt25C20zO_qxXL2oiZ_L8jrvqnsu4w
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Tue, 07 Feb 2023 09:22:36 GMT
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8854 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ioy-37_t8C-OkAVhTUtMvqbfy5b45_u_6JgT4y_kDP_j-_6KNF89urq6br4dasKE4aldQ4Xg
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
frame.html
ad4m.at/ Frame D03D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1867411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
795b0fe2a9c291d2-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 09:22:36 GMT
expires
Thu, 12 Jan 2023 18:57:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOfkwX1LlIGaVVGzWcaUTNEKOVyMXhpJRBCY7s9KaPRJDjQGRvNw5y7MB8VJfZDTyz1X6SxB5dHD2m5jKRTUmhpXg1EeKIxe%2FQMq8EuJnE32uGTX%2BAfODxtY0HiH1BhmMcTI6Q0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 33C1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1867411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
795b0fe2b9cb91d2-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 09:22:36 GMT
expires
Thu, 12 Jan 2023 18:57:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Fcm48seF2G%2Fbr1%2FZNny78M8mcBdpZA8ma0eRKvfPpYlM%2FlehveIxKIieNKcLwvVuQR9vfz1XvEwgtU3ORuNgWQGdCFTyjU1tn2Yd9vLAsSTW8N%2BGf5hhNT7JrUfcLKk4siTFWs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 08:21:47 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62fdf69b-1bc07"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 07 Feb 2023 10:22:36 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.554.2_en.html
imasdk.googleapis.com/js/core/ Frame B21C 		694 KB
223 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c5caea5d9636db280e7b487edd7ea9ed9d6abd93f4d3506061a6739f09829f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
12726
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
227466
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Cross-Origin-Resource-Policy
cross-origin
Date
Tue, 07 Feb 2023 05:50:30 GMT
Expires
Wed, 07 Feb 2024 05:50:30 GMT
Last-Modified
Fri, 03 Feb 2023 16:36:07 GMT
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Server
sffe
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Feb 2023 09:22:36 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.vidverto.io/delivery/rtb/video?data=NCtmTDJzSldXNkhtZnNDWFlGbEZlMDZyWWs2YnpzemY5TXpReXNPMzU5M24xUXd5YW5EaXZFWkdLR1A1bDl2VjhWY21rUXZHV3hiSFJDdWVleWMzUFAvYVVhQjkrZG9BRVFrTXFQLytYb2VHdWdndHo4SzVldTVCeldJUlhRWTBlQ2Jaa05EZDh4cXRIRHM4Rm9UL2s5VFFCMmxwUmgwZlBlRU9ESENJNldRcXg3RlhNRkVyOStzVTNXbC90NzNzRy9oanNUa0wxd0FFS2RtT0p0L2t5dmtic2JTbXE4a1NtY3pvVXdOT1ZXbThFZVFjekxET0xJUGZieGtWdW1rWk0yYjcvL2xtN1dIbGQ4Wm5sU3Fma2Z2Vm8rUjFnUWxyNE0zV1M4cU5hTitUNmwvcHd6RUpMa0xkckNWSUYxZ1l1NVlnQ0Rodjk2eFAwYTFrSXJ1Y3VaTFEycmZwVzhOYlZNVWswS0pBdDdyRDlsTXliMDhCL01KUUtpQmc5aVFGckxwWG1lWWNLNHZxVXU0dkhiaUxOV1A4aFd1RjFZUUx5UFpiTnZPTEcwOXJ4UTBoOGZteVRVU2dzbHBNL0tBRnFFSzFwY21mSWhSaDRYY21mRERJREwwYmdseS9rcGJuVWpjczhlU09DOFhrNE1vakQzbzdoNytDeisySTNHclgzV1IrS3ZPYUNuaHI4WWdjQzlJYXdoSDZrWkFqeEd2NHN2Um5TM1MwaGZxb1hBTHludENoNDJPY1RvOGYwb283aGlhdXdCSGRLYkE4aFFqcllzVWtKWkE1dzE1NlBCbUo3bDJBaWtDQTBzK1p2RWNhcEczN0lRc1laaW5Zakk4eQ%3D%3D
Protocol
HTTP/1.1
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.lebanonfiles.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lebanonfiles.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
frame.html
ad4m.at/ Frame 132D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1867411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
795b0fe31a1a91d2-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 09:22:36 GMT
expires
Thu, 12 Jan 2023 18:57:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ME9F642tatU%2BL1dJpnIfXShFC%2Br01GQYfocyw39Lu8iDhzU3Oek7jeqNx67ERzojXWEyMH2T%2FGnryJOSSjfhXmGamR9Yhwb0BIoawyG%2FRLyk6WWOmaQAhfauvbu70XDNXl5j05Y%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 49DA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1867411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
795b0fe31a1b91d2-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 09:22:36 GMT
expires
Thu, 12 Jan 2023 18:57:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5QdZRu5onIG5C9sxqYN0Nye4xAKJO3jJ5y2hQ0zuIdm56XxOu2d%2Be33%2BfYKkN3mOQIKoB6p2C%2F%2FlV1WxlYZl1ti%2B%2FMx%2FzAz%2FwblKXpl4406IkPqb39X7ZKyKechFqOwzizyCxU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame 255D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1867411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
795b0fe31a1c91d2-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 09:22:36 GMT
expires
Thu, 12 Jan 2023 18:57:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSRtmW0MAJl2xN3v%2BgENdjrEZ2eL%2FrG6KlOoF3qSq8nMUWPEQl3l6DOgYCo1HWIVzaMV%2Fj%2FfrdyDeqk3CKBB2vTVMGb2wVb6%2BMKMVci8Zf9qxKv8Op17Wz0yG0gTqbTrn2It0BM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
cs
cs.lkqd.net/ Frame C096
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=48fe64c0-4a8a-48f4-bdba-c01313cfc92d
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=48fe64c0-4a8a-48f4-bdba-c01313cfc92d
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=48fe64c0-4a8a-48f4-bdba-c01313cfc92d
date
Tue, 07 Feb 2023 09:22:36 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame C096 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C096 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame C096
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame C096
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Date
Tue, 07 Feb 2023 09:22:36 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 4621
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI99FzmcRpC7XE05ccINjxM&google_cver=1&google_push=Aa02lx-H-WOBh2A0EkaLPujgGFokkiFW_9n8kWlX0ocZU8B4ZOli17PZ72...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-H-WOBh2A0EkaLPujgGFokkiFW_9n8kWlX0ocZU8B4ZOli17PZ72V389TCnfJxuIetYToehJMxRGu2eSrXRDhael1XkKBuZVo&google_hm=ekH96Py7h...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-H-WOBh2A0EkaLPujgGFokkiFW_9n8kWlX0ocZU8B4ZOli17PZ72V389TCnfJxuIetYToehJMxRGu2eSrXRDhael1XkKBuZVo&google_hm=ekH96Py7hg2SomwxYe7a0g
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx-H-WOBh2A0EkaLPujgGFokkiFW_9n8kWlX0ocZU8B4ZOli17PZ72V389TCnfJxuIetYToehJMxRGu2eSrXRDhael1XkKBuZVo&google_hm=ekH96Py7hg2SomwxYe7a0g
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4621
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAFjcunc7ePeTMa0nl47itk&google_cver=1&google_push=Aa02lx972Njk_6x9g8Z2q1tjUGNyM87ZYmEaSmuhw6bG-4-AJajkjS_yDp4tHVJnT_-Or-4ILMXsIsV_xRtcbmNU...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx972Njk_6x9g8Z2q1tjUGNyM87ZYmEaSmuhw6bG-4-AJajkjS_yDp4tHVJnT_-Or-4ILMXsIsV_xRtcbmNUdrZ5ky7z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx972Njk_6x9g8Z2q1tjUGNyM87ZYmEaSmuhw6bG-4-AJajkjS_yDp4tHVJnT_-Or-4ILMXsIsV_xRtcbmNUdrZ5ky7zt5I9mOw
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 07 Feb 2023 09:22:36 GMT
Server
MT3 441 9053ffc master cdg-pixel-x30 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gXRj4hhZSACxP95P7Thk6w&google_push=Aa02lx972Njk_6x9g8Z2q1tjUGNyM87ZYmEaSmuhw6bG-4-AJajkjS_yDp4tHVJnT_-Or-4ILMXsIsV_xRtcbmNUdrZ5ky7zt5I9mOw
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 07 Feb 2023 09:22:35 GMT
i.match
a.tribalfusion.com/ Frame 4621 		43 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESECctER0iXprEQyfXLq_HsuM&google_cver=1&google_push=Aa02lx_MTV0YbRmxJS4L9b8HiPGfdF7cXG8kstwMt9gUTymdwYQLMOAjMev1hDM8GQp0-hRYYJjjIPuFXusyp_W2W67HoVFxoZvKXPo&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_MTV0YbRmxJS4L9b8HiPGfdF7cXG8kstwMt9gUTymdwYQLMOAjMev1hDM8GQp0-hRYYJjjIPuFXusyp_W2W67HoVFxoZvKXPo%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
795b0fe31c173669-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4621
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEDsRFYrIb8yQKwDlmwgExCo&google_cver=1&google_push=Aa02lx_lrju6426lUdd-3gcpi6e1CYFp1aXdrLHXO2zCk-e7xKRh0Dc6a24nssdpEV24tmg5YCMOVMAjP0Hvl0...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NzM0MTkzNzkxMTE5OTg5Mw%3D%3D&google_push=Aa02lx_lrju6426lUdd-3gcpi6e1CYFp1aXdrLHXO2zCk-e7xKRh0Dc6a24nssdpEV24tmg5YCMOVMAjP0Hvl0I0I6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NzM0MTkzNzkxMTE5OTg5Mw%3D%3D&google_push=Aa02lx_lrju6426lUdd-3gcpi6e1CYFp1aXdrLHXO2zCk-e7xKRh0Dc6a24nssdpEV24tmg5YCMOVMAjP0Hvl0I0I6Yx4WmSVkD6RCA
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NzM0MTkzNzkxMTE5OTg5Mw%3D%3D&google_push=Aa02lx_lrju6426lUdd-3gcpi6e1CYFp1aXdrLHXO2zCk-e7xKRh0Dc6a24nssdpEV24tmg5YCMOVMAjP0Hvl0I0I6Yx4WmSVkD6RCA
Date
Tue, 07 Feb 2023 09:22:36 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 4621
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFEXwPySH5IJhYeoOWmepL8&google_cver=1&google_push=Aa02lx8Ezc5PQL-95bUt6xCySChZH3KU4wqfTB5NrieISEx8NB8yghU3C8eHYGeAgXI9x1wXoWtAoD3drfYqljXowSsT7ws...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8Ezc5PQL-95bUt6xCySChZH3KU4wqfTB5NrieISEx8NB8yghU3C8eHYGeAgXI9x1wXoWtAoD3drfYqljXowSsT7wsfrUv2CXg&google_hm=eS05VzN3UFpCRTJwSGd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8Ezc5PQL-95bUt6xCySChZH3KU4wqfTB5NrieISEx8NB8yghU3C8eHYGeAgXI9x1wXoWtAoD3drfYqljXowSsT7wsfrUv2CXg&google_hm=eS05VzN3UFpCRTJwSGdYOFpBOERnZ3c5SC5NcW1EV0hXbH5B
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 07 Feb 2023 09:22:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8Ezc5PQL-95bUt6xCySChZH3KU4wqfTB5NrieISEx8NB8yghU3C8eHYGeAgXI9x1wXoWtAoD3drfYqljXowSsT7wsfrUv2CXg&google_hm=eS05VzN3UFpCRTJwSGdYOFpBOERnZ3c5SC5NcW1EV0hXbH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4621
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mL_FPdQdRFqLgJx3D_g4bA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mL_FPdQdRFqLgJx3D_g4bA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8fy6OucgxFpBAszspTPA_NkvOISzjbBihCHesVCjGw5exb1z_FhreaeLIErLWu9emp0OC_VkQ-bo1fBRfH92sxCtUhnzmR6JI
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mL_FPdQdRFqLgJx3D_g4bA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx8fy6OucgxFpBAszspTPA_NkvOISzjbBihCHesVCjGw5exb1z_FhreaeLIErLWu9emp0OC_VkQ-bo1fBRfH92sxCtUhnzmR6JI
date
Tue, 07 Feb 2023 09:22:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4621
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEINAY1rprgViFs1ttkkx3qg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEINAY1rprgViFs1ttkkx3qg&google_hm=Y-IYXJahVj7h3mo3JgEwQwAABJoAAAAB&google_nid=index&google_push=Aa02lx-bA7SBGQOAENpzmMdfi4sGQ4GKK_6an...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEINAY1rprgViFs1ttkkx3qg&google_hm=Y-IYXJahVj7h3mo3JgEwQwAABJoAAAAB&google_nid=index&google_push=Aa02lx-bA7SBGQOAENpzmMdfi4sGQ4GKK_6anHPhR6w7wsxEL3NjNcvMC2BNczKJp4MWZuv_v9iHCgRXUokRTZ-m8v-yqGbeqDlaSck
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXe4K5MKU1joGfyQ9PsppxgMIt4VqaM8eK3kRMQvkBQ2AwVZU1g5I1AunKHsULfJJjRhCOfgBkcyieDRtGcZNM1%2BDrCqphJI5c4YExqm%2Be8DuACuIZFbpb%2B%2F5Z8kgIWnIJozuvAYXbGlBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEINAY1rprgViFs1ttkkx3qg&google_hm=Y-IYXJahVj7h3mo3JgEwQwAABJoAAAAB&google_nid=index&google_push=Aa02lx-bA7SBGQOAENpzmMdfi4sGQ4GKK_6anHPhR6w7wsxEL3NjNcvMC2BNczKJp4MWZuv_v9iHCgRXUokRTZ-m8v-yqGbeqDlaSck
cache-control
no-cache
cf-ray
795b0fe31c1a9c0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 4621 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Km5hELZanrz4M4qIg82dweBrue0UBLYn3f9M820cX_enQ3vvPUNa8Pr9OoY6uIWpWbKgS2
Requested by
Host: bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
URL: https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
frame.html
ad4m.at/ Frame C2E7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1867411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
795b0fe32a2a91d2-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 09:22:36 GMT
expires
Thu, 12 Jan 2023 18:57:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BUC%2F6QDCjcADDYkLmGsj7gn%2FOhwim%2Fews9p64NYyTawBIb7hAjX2q%2Fn2mbPpDD2fT55QBiVacUn5DuzVTzEN91s9n6mc%2FFisSpCABIqEspVKMng8cfTbt8H7g57%2B8DO275L86s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame C125 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1867411
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
795b0fe33a2f91d2-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Tue, 07 Feb 2023 09:22:36 GMT
expires
Thu, 12 Jan 2023 18:57:16 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k972dM97UDduSAD7vn1YtAMEJaxAG9muGq%2Fv74YfTD53pVHoI%2FCOUqhgrexe6G%2BGefbdamfDLlE5fSlrLX%2B88Ga8eBn4bj9SZA541vEV9%2FZhKhxue%2FvWRQ0oqi0bnMcvlQ6xAsg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame 7F3B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:22:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
3588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 08:22:48 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3D56 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutK6yPbCAFXWO6KG-YGao8y-nRfcY0b60hH7Bni_4uzXMbdCzLeeoDddkTJtUGOBa-9U0-2TijxWFis7aYR3e2BU7cS4KVgebWWpAitITGxI6Xj4ye&sig=Cg0ArKJSzO-R9ut40oW9EAE&id=lidar2&mcvt=1085&p=199,1599,200,1600&mtos=1085,1085,1085,1085,1085&tos=1085,0,0,0,0&v=20230201&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1850051439&rs=4&la=0&cr=0&vs=4&r=v&rst=1675761755140&rpt=485&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C17325829337858311515347571595,,&tg_c.language=es&width=400&height=225
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.159.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-159-169.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
tag
4cywq-eqnre.ads.tremorhub.com/ad/ 		119 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fwww.lebanonfiles.com%2F&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C18168482117858311515347571595%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:1473:79ff:9ba3:468f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
http://www.lebanonfiles.com
content-type
text/xml;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
av
vidoomy-d.openx.net/v/1.0/ 		48 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&cb=1478391141&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C7858311515347571595656169147,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ 		65 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ 		65 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=http%3A%2F%2Fwww.lebanonfiles.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame BE4E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: www.lebanonfiles.com
URL: http://www.lebanonfiles.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 08:22:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
3588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14278
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 08:22:48 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 01 Feb 2023 21:51:10 GMT
x-content-type-options
nosniff
age
473486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Feb 2024 21:51:10 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/moxplayer/moxplayer.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
http://www.lebanonfiles.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 14:03:51 GMT
x-content-type-options
nosniff
age
155925
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Feb 2024 14:03:51 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:36 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96653b9b6b919a16dcfce983c42fa78193d2b2e5cec34cceb23a02572c994485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125826
x-xss-protection
0
expires
Tue, 07 Feb 2023 09:22:37 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:37 GMT
server
nginx
t
t.lkqd.net/ Frame 5884 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:37 GMT
server
nginx
t
t.lkqd.net/ Frame 5884 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:37 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
480_650.mp4
cdn.vidverto.io/data/FQA1jG65ZQhuH1V/1327/video/1817/ 		120 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/data/FQA1jG65ZQhuH1V/1327/video/1817/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.225 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-225.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
http://www.lebanonfiles.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 07 Feb 2023 09:22:37 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd3e-7b4088"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-8077447/8077448
Connection
keep-alive
Content-Length
8077448
rs
ad4m.at/ Frame E2A0 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
301a0b0e01efdbd9dc5ae8ea06d49a4058077e1ca1fcd3a50602692b6c7189e8

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yI9WLRE8whE5nG23P18l9R62XheJpfXCz76iqbZbMnTrOo9Qes7JTaA7SnGVMkFY4Lr%2BvEPVtYp0zL2624L8UxRalBhHEeojK%2BGwMUcM3Ek7ofqnjifbU1Y2LdSw8nFawjWfuOk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
795b0fe77aed3718-FRA
x-backend-server
aa-reachservice-group-europe-west1-dl07
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
795b0fe70a663718-FRA
content-length
24
content-type
text/plain
date
Tue, 07 Feb 2023 09:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVNac9mwOb7Qd2RdX7WqSrec%2F%2FYH79TAn7ZWCtysPkSxSwiM%2B6ltqzQsNsh5kYDQ%2BOyVszvLvVf%2Fl0wl8Pn7MifiFCFvYSdK1XxhPEagtRqsYfXpl4bxqYOzoVmrACCh%2F%2BlY4MQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-b74t
rs
ad4m.at/ Frame 10C2 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0c77eae66f9d32939545d1d27171713f53f7a258bec8b5466865213ead5fb7f

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLzOvniMT3RBoZwnPJnJRsGBGK2YCRHdAZveqV3YaN1Hh8tbrl6TYcl7o51Lk%2BaGseARccdyBDZx8nIFxB89nDIZMFvJADfPb9XSPKmmXx0OQLtscf6wxqVbm659xsdkzCMnpOc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
795b0fe77ae43718-FRA
x-backend-server
aa-reachservice-group-europe-west1-b74t
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
795b0fe70a633718-FRA
content-length
24
content-type
text/plain
date
Tue, 07 Feb 2023 09:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVPHA%2BZ0wysb4Upd63QWLB6snuQNpZLUoTHdET0v4j6rAGnDEdC1K9M3HIA5ViSPPYJ8ACvVvJX8IWDn3V1iKBMh237DXX%2FmjuB7J2L9bCL%2B3vcyYlIaDE5gLbRjOk7gL2L%2BQBs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-b74t
rs
ad4m.at/ Frame 13D6 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21fdfb102ff72944c5a2aa92c1e06a2fc2cb347327e995a9524d2fea7a105dba

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNw2ANr2CinA7ZaCf%2FnI5ZJXamD2IdGbRuQ%2BfECko12AtDmQElFXWkYqVaheyQhiB%2Bz4E7W1KNZrwDcyhHNFi6e83WqyaJ%2FHBTEBmc1MDGovyQwE15BUN7yTURPzxOEPQjHAeRA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
795b0fe77af23718-FRA
x-backend-server
aa-reachservice-group-europe-west1-b74t
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
795b0fe70a693718-FRA
content-length
24
content-type
text/plain
date
Tue, 07 Feb 2023 09:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9SfABSuJQXgJlBIT4aA7XW4tPYN8q7aeC3NzL5W6BE5U4L1eVDBjLmC7MlgOyiC9BQ1TbgCHFWLYeLZmEvrMdpC%2B7Nh8K%2FzbbLzE1xNWz1u1BLBRPSOd9M%2FCk%2Bm2b086h4zNAk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-dl07
rs
ad4m.at/ Frame 46C3 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f5fc73ab6a0fd76706f860c3e1d5536b800634dfb3f3863142c9f3a30c01887

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZocyMsUcqqvsuVN0qGep96bNnrUs0hHcv8YTfU6Q17qLXi2xg5XOj0HSzEYsL%2B6%2FbSWu84YQsMDDZL68sU6jpnXWac62mE%2BOYafBLquBFhy7ChNgi94cpOXp92Zxee0I24AyIeY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
795b0fe76add3718-FRA
x-backend-server
aa-reachservice-group-europe-west1-dl07
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
795b0fe70a643718-FRA
content-length
24
content-type
text/plain
date
Tue, 07 Feb 2023 09:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtFUSN4o8lnUPZe1BIsgSoO43HPbwqagPLyqdDzrfrXiiK%2FBoI5mdD2z%2FEdELOU9MYtIQbF9Rt%2BOE2nuHpDQU64oEeCwlDzdEPLv6pCL%2B0R%2FbyGUaQqvN%2FGWi9zR%2FnHwyzgROKA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-b74t
rs
ad4m.at/ Frame 5795 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f69dc71f554832e3cf71573aba862065712d6178f77fd0ff67a5e88b4d3b305f

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ef6YPTCRgwddUvgq%2BqTmegTDHD9rofTtD6jPQTwXrBPPPtOm8VkFsr135mBOAH4bOM0isAIEmLggteTGrqIdeTpb1oE28POgRFF0YSAAAzuTq%2B8GtDsFtfCuOTToMoiD6smepmk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
795b0fe77ae23718-FRA
x-backend-server
aa-reachservice-group-europe-west1-b74t
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
795b0fe70a6a3718-FRA
content-length
24
content-type
text/plain
date
Tue, 07 Feb 2023 09:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCT9Bjwtkj1I4SqU67ow2Rgx4895%2BeUaZpLhMjso4sK1X4FOSBOTtt3BL9tT4jSSrd6Ez%2FgXoXd2ypQyePMpic7hhnTrF04ztrTAXF8Wae9wPuGP5HqkUxvV8t6u1A08vjBjcLw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-b74t
rs
ad4m.at/ Frame 5989 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63dbce096b38566dd7876d3a69f60ba5a1a4faa5d8d8983586df568e25e45e82

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTgLTfIBE61U%2BA5WJWX16gftbTodBoLYjcGiH2x80wWZlkBDgn%2FlqTxCjOtDVZu4B9KC4qYIrlDdXjNshRAIpwLBtdSlIpxOmp%2BBQwhHhOd6XdG2VhlMQPMtrxuIz%2BlDks3apZc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
795b0fe76ade3718-FRA
x-backend-server
aa-reachservice-group-europe-west1-b74t
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
795b0fe70a6d3718-FRA
content-length
24
content-type
text/plain
date
Tue, 07 Feb 2023 09:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pg7f82g77UNRPWoMZ7XL91hlkvuEo0hbqDiJnUqJxi%2B6QvHliKxKaCPvP1tOTOV%2B9fgQlovgU5Vo4%2FPoOx3O8EMPylZogclCnmpcXVX4pPD7SJgy5hKBEoPfpWeDQxww7vrbm6w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-b74t
rs
ad4m.at/ Frame E20B 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a230c016cbfa73b8cde325d438bba359537061b3aa7fbd03c2fe43fbe66e76

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nn7IDwQaOuaf1Vk2moLJxVUrHQPHkGN%2Bpx%2FxI1Gjrcsrfyfji%2Fj8GEfvC6YQcfTmQrdCzXFPRz9Nvkp%2FJhKmxbXavX82y4EBc3TcdScNkblFds%2FBzMbgGDlt7zIwQ5ZOArrZTMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
795b0fe76ae03718-FRA
x-backend-server
aa-reachservice-group-europe-west1-dl07
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
795b0fe70a6f3718-FRA
content-length
24
content-type
text/plain
date
Tue, 07 Feb 2023 09:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QhcjqeQ0G5Q%2BfEYT76QIbvMmHkyEFuOUR7zDAvft3fyAS7cICKd%2BS4ygbTWUX3IaQDpZdfhyFDmnEl%2B5KMncu3g%2FC0r9EfkUVid2IUam9n02wc8AyVbHEcAyN7qpXzjQ5qUUiw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-dl07
bridge3.554.2_en.html
imasdk.googleapis.com/js/core/ Frame 9840 		694 KB
223 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c5caea5d9636db280e7b487edd7ea9ed9d6abd93f4d3506061a6739f09829f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
12727
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
227466
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="ads-doubleclick-instream-static"
Cross-Origin-Resource-Policy
cross-origin
Date
Tue, 07 Feb 2023 05:50:30 GMT
Expires
Wed, 07 Feb 2024 05:50:30 GMT
Last-Modified
Fri, 03 Feb 2023 16:36:07 GMT
Report-To
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Server
sffe
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
NVNESHlQVHVSYkZkTXpGalFUdU4vVkJ1T01LQUhHMHBpWlZDejBMdjNLWE1UbStLTGx0eHVLbnRZaWdpbTMzM0JiVktCMDhYL01BVzloWkxwYkUzaTUvZG5QbmUxaUNzTHRBVEFCM2ErQzFwZEhzcW16YitKSVVmNEVYTnV2NmZFZVBmc3VEM1h0Y2lTRVVGVG5wd...
ad.vidverto.io/delivery/video/pod/ Frame B21C 		34 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/NVNESHlQVHVSYkZkTXpGalFUdU4vVkJ1T01LQUhHMHBpWlZDejBMdjNLWE1UbStLTGx0eHVLbnRZaWdpbTMzM0JiVktCMDhYL01BVzloWkxwYkUzaTUvZG5QbmUxaUNzTHRBVEFCM2ErQzFwZEhzcW16YitKSVVmNEVYTnV2NmZFZVBmc3VEM1h0Y2lTRVVGVG5wdGZsNHk3WEV2SWJwenlCNElhWU42R2RoWWM2NzlWYXBZQW1oUVhBOWVnbnNQVGVLckVMbTIxazcwOUhJTDdBMmJac3p4RWhpZEx0V0R5U0JFaW9jM1ltNFFqWnNnRDJpZnNFcUxQdkJQWXI4QlgyclpkUUxkeG9lSjU0L0haUW5PU2JTcFZOWGFVWS9HemxMRWJBemRuVXdWS0lwNnBxRXNtUUYyWDl3VW1UWGlaeFRJZC9wZmFCa3kxc0tvWWJEK3graTFiSXlWK3VJVElKNmUvMGN3azhMS0RBODlsWXpoeFRReU5CTkc2RTZFbWt4Vm56TTVZSzNNTCtUNzBXQVNXb3pTWWIvYXZrMFNPMXpUSXhOTHBHNTJvaWtvV0VkVE9Ldm5qM2t1US9FUExKaGJUVmNYdWlSRUUrSUtHRzU5emNSZml1MGJoWk9WS2NYWS9CcTgxNUNCWDMvVXFReGNtcDVwcmJSN1lTQU95QnlIOWs1QVVQaU1CRjMvcmszRlp4Ky9pWkNBNTFoWGR1WDdtSndSbHlzaUJPTmowb0w3cEQzVmRFcFVnTEtTcXp1eXBwZktidVhhWFh6NXRJK3RqbG9lSzl2NkQvc0QvWWtGUXFKYXZLTT0%3D
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
356fe773c0f526ef1ce494475576a5121086b575660d0ff46e5a92a8c02bfbdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
http://imasdk.googleapis.com
date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
rs
ad4m.at/ Frame 43AA 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2053a34e459956305e33dc13f642e236359fdd075550cdc4c40f5e70c34914aa

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ww%2F5PBlrmrDZ8VuwP2uDuzROE%2BXRwELgWJ8yHz01MeBL2xRcc45st2q8g3zXxXMuKtml8E39sSwVP3%2F0vJviBsHAvpl6G5BZVSs2TYtFcA13E%2FQ2CVoeJwvaHolUwf1pfSPZhH0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
795b0fe77aea3718-FRA
x-backend-server
aa-reachservice-group-europe-west1-dl07
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
795b0fe70a6c3718-FRA
content-length
24
content-type
text/plain
date
Tue, 07 Feb 2023 09:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7v38fFJMZlRmHy4mQeQcqDL%2FkRYxG6POXpHJKjnBcPOF8VB07BsFIUe65ZR5%2FMer1jCfutqdGlYhvU%2FWAtj8G7zZfEG%2BbHobT7qcVijGJ0H7dH4n8J9OgYsjx3bWTt2PgciTKE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-dl07
rs
ad4m.at/ Frame 8A0E 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2542b8e4563fdce8192d5e0a873786d54c205d1557fcea2a7382e449c099816c

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85IeuhxxU17eeX9TwkduVOkAmD5oxHrK0QWjcPi808xsEnWyX7l7sLjtrQQ6HilEIeELfmMMItVLNQoVNYH%2FWUewluoeqG0qOef8uu9GcWFsE1BfxuEHa4ZNrWViTUHSWLBy1Zk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
795b0fe77ae33718-FRA
x-backend-server
aa-reachservice-group-europe-west1-dl07
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
795b0fe70a6e3718-FRA
content-length
24
content-type
text/plain
date
Tue, 07 Feb 2023 09:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70yCctwgKqj155vGx4rlEnN7EFWWESK5ka9alX9GmvV0Wsz2cvltpXNNhSKWjdYJ1yE1eAHR0JWuWjXwXZH1gcOrlK%2BnIsFJeA2o10B73SUWv86GQrDPngXk0maeLS0plTZxMjg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-dl07
check.html
biddr.brealtime.com/ Frame 3009 		977 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80d5376e68f3824be9e97919bdc5ded99f0103ca92bc92717b46bb4f394d3402

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
2636
CF-Cache-Status
HIT
CF-RAY
795b0fe7fd8a9256-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 07 Feb 2023 09:22:37 GMT
Expires
Tue, 07 Feb 2023 10:22:37 GMT
Last-Modified
Thu, 26 Jan 2023 15:01:29 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
xPhDH403ER5dtigKZSNzrWSCUDW3nZi/qwRXHqLHBFRHFTWDMZxutqJhP8/L9PFgqkxlfzuU0uI=
x-amz-request-id
Y4HP6C9M24C4AX0J
async_usersync.html
acdn.adnxs.com/dmp/ Frame C634 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
20396
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 07 Feb 2023 09:22:37 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 02 Feb 2023 03:42:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
15, 242817
X-Served-By
cache-lga13626-LGA, cache-hhn-etou8220051-HHN
X-Timer
S1675761757.401947,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 5372 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/bidder-dev/prebid@master/4.23.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.lebanonfiles.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 07 Feb 2023 09:22:37 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
csi
csi.gstatic.com/ Frame B21C 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=1~ldu1a772&c=4395065835724&slotId=2197532917862&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4000:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame B21C 		80 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C53923969%2Fmt_video_NPR%2Fmt_lebanonfiles.com_video&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3111147463476305&cust_params=mt_fln%3D1.8&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=4132464886&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=E3BE96CE-BAFC-4DC5-B44B-9DC0784A3922&nel=0&eid=44748969%2C44765701%2C44777649&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&dt=1675761757410&cookie=ID%3D0900775d8e88bcd6-221f379aa2db0021%3AT%3D1675761753%3AS%3DALNI_MawDrq73fn4x63s9kq8mAxZwuW2DA&gpic=UID%3D00000bb13dbe94f4%3AT%3D1675761753%3ART%3D1675761753%3AS%3DALNI_Maxx7Hjhh_9da5la1oXmHj7_VgQWg&scor=181883762195472&ged=ve4_td5_tt0_pd5_la5000_er3867.440.3868.1160_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8d0f966c89690b39d75f524c019c812567ba617d0bf768c7bb93ab5b922f9f57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19202
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame B21C 		156 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22679584040%2Flebanonfiles.com_%2Fvast_15&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3111147463476305&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=4132464886&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=E3BE96CE-BAFC-4DC5-B44B-9DC0784A3922&nel=0&eid=44748969%2C44765701%2C44777649&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&dt=1675761757413&cookie=ID%3D0900775d8e88bcd6-221f379aa2db0021%3AT%3D1675761753%3AS%3DALNI_MawDrq73fn4x63s9kq8mAxZwuW2DA&gpic=UID%3D00000bb13dbe94f4%3AT%3D1675761753%3ART%3D1675761753%3AS%3DALNI_Maxx7Hjhh_9da5la1oXmHj7_VgQWg&scor=181883762195472&ged=ve4_td5_tt0_pd5_la5000_er3867.440.3868.1160_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame B21C 		80 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22679584040%2Flebanonfiles.com_video_preroll&description_url=https%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3111147463476305&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=4132464886&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=E3BE96CE-BAFC-4DC5-B44B-9DC0784A3922&nel=0&eid=44748969%2C44765701%2C44777649&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&dt=1675761757415&cookie=ID%3D0900775d8e88bcd6-221f379aa2db0021%3AT%3D1675761753%3AS%3DALNI_MawDrq73fn4x63s9kq8mAxZwuW2DA&gpic=UID%3D00000bb13dbe94f4%3AT%3D1675761753%3ART%3D1675761753%3AS%3DALNI_Maxx7Hjhh_9da5la1oXmHj7_VgQWg&scor=181883762195472&ged=ve4_td5_tt0_pd5_la5000_er3867.440.3868.1160_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7bd683d122dc300c50ba7b4da659d109e503a143dc3aab46996f91bfa854057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17022
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame B21C 		80 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C53923969%2Fivm_video%2Fivm_lebanonfiles.com_video&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3111147463476305&cust_params=mt_fln%3D0.8&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=4132464886&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=E3BE96CE-BAFC-4DC5-B44B-9DC0784A3922&nel=0&eid=44748969%2C44765701%2C44777649&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&dt=1675761757416&cookie=ID%3D0900775d8e88bcd6-221f379aa2db0021%3AT%3D1675761753%3AS%3DALNI_MawDrq73fn4x63s9kq8mAxZwuW2DA&gpic=UID%3D00000bb13dbe94f4%3AT%3D1675761753%3ART%3D1675761753%3AS%3DALNI_Maxx7Hjhh_9da5la1oXmHj7_VgQWg&scor=181883762195472&ged=ve4_td5_tt0_pd5_la5000_er3867.440.3868.1160_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
929d3f5e374458d40ae12ecea7dbc4882283bede5dfedb11fbad8bb4c6bad81f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19138
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame B21C 		80 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C53923969%2Fivm_video%2Fivm_lebanonfiles.com_video&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3111147463476305&cust_params=mt_fln%3D0.5&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=4132464886&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=E3BE96CE-BAFC-4DC5-B44B-9DC0784A3922&nel=0&eid=44748969%2C44765701%2C44777649&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&dt=1675761757417&cookie=ID%3D0900775d8e88bcd6-221f379aa2db0021%3AT%3D1675761753%3AS%3DALNI_MawDrq73fn4x63s9kq8mAxZwuW2DA&gpic=UID%3D00000bb13dbe94f4%3AT%3D1675761753%3ART%3D1675761753%3AS%3DALNI_Maxx7Hjhh_9da5la1oXmHj7_VgQWg&scor=181883762195472&ged=ve4_td5_tt0_pd5_la5000_er3867.440.3868.1160_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
7196cfb7b7f5b80055efcd7371116a9a88275d41a207e3baff58938e547c19f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19194
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame B21C 		80 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C53923969%2Fivm_video%2Fivm_lebanonfiles.com_video&description_url=http%3A%2F%2Flebanonfiles.com&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3111147463476305&cust_params=mt_fln%3D0.3&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=4132464886&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=E3BE96CE-BAFC-4DC5-B44B-9DC0784A3922&nel=0&eid=44748969%2C44765701%2C44777649&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&dt=1675761757419&cookie=ID%3D0900775d8e88bcd6-221f379aa2db0021%3AT%3D1675761753%3AS%3DALNI_MawDrq73fn4x63s9kq8mAxZwuW2DA&gpic=UID%3D00000bb13dbe94f4%3AT%3D1675761753%3ART%3D1675761753%3AS%3DALNI_Maxx7Hjhh_9da5la1oXmHj7_VgQWg&scor=181883762195472&ged=ve4_td5_tt0_pd5_la5000_er3867.440.3868.1160_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
76bc229324cf0fa4496cbe6e7c7c9e8dabe5f20d26a614c3d7c51ec2d3b031c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19333
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
http://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rar
as.ad4m.at/ad/ Frame 201B 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=22925%2C14019%2C117569&b=kkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=dcd73013d91bba824bb63c7df57e2eb5%2F11564415562883759876&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757333&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdnqbzwrnkect4zvdnyw27mgc0apd0cg8xf3mq9qfgtm9hdc8v32k8s99xqebeyqq13swv0p469sfg8d3egc279hayndrcz4bzy74n7j4s8xsee5hr0zr8x15r2ap5xs6hpj5q0czemxffn5td8dqtfjbn86zr510gmfay9rrv87vqz0pjd9n5z95b8mcqtga7d9kf5k463zcxfbn5e8vdy2akxtnadmrhfxy67ptv42bnc406znc9c5nnqqvgwmcmnd4mjfrzct66khbnxfgf7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a8903695e45e5ece3c48e800f5a6b84c5721a34df5cf5107efd3b9eb77b021f
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1g5x3trv83pwpjafcy4e9nx9f55cj2byagvcb3ekh9j1fqgj2208qw2br42r275wpy0gr3hzw44czzd4kjp0d4eqqjyqbx3vrefzc1pw3pek6zdwfc8a8szk63873vmcygmfbg2rcxcp7ww7yeyzc6p3q77t83m138atd437d83wergr0gp7kg72th1jz5k5hd2dbgbf3g1vjh69bze27nzsaqnhdgbtt7e2p7qx4g10a6ns4hnxnkkwq5dq29rwkz30tnwxvj72bah9q3p6qn4dvham6bya3xp8nyxjy7pbpt1fdm92bzvtng8ncaf5tazxspr9p92vtwvfx43d4zeynn1b9r3w5g1mk60tbwtt5sbh49fv310pw36ww6q86wnqyrf5s0b0e794bngzw22v37yy9m4txxzgnxv2sffm2xtja18t609n9ky4me9bybg4cyk7ew&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%26client%3Dca-pub-8745593945608202%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fe80e9191d2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:37 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 631B 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=196439%2C197862%2C14019&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=160&d=600&e=&g=fd283886dca4824330395e70faa90899%2F16122513429563864489&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675761757363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69ebb599e2790acb51d8543b031d29a2d556ad54e5e81d87b596c92a28a3a3d2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gmmahp0aen8stdzahve9jmdkmqaj98ks1f8p5hxjefnty55mdfgm9jsmmymhr307qkvwkd9zwr5g10awr9frgv7c8akptfj4acxd39pjs843yfndqz9s4gv097ahqnj3x7gws0m2s4f4czkpskrg1fgyr6f7pjsjre72zxze4rsgkcqescb8dnzxbsf44bw9efk2gv7pyj5419qx4e325nrx715pwqwb2gbh74tdtc85hs0bff3m0jd58j15vt4mf2p5rdd3agh2zpqwhtxxmetzx8zn9mdbktvkva3vzhngpd4pp8ecwpdj7yawy859z94wytamhn3t39xc5nafgvas1v4148nbsses5ggaxdwdk2yybemc74ajbmefwyktyx0jbd14rvyh6ak4bkxk8ty98jh5j1b7h6cpv10p189qsr6y88szehfsamwkz9xgk9t6expjr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fe80e9591d2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:37 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 2532 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=2ab97b69596961a79fd0887044a7a68b%2F15856490710707791105&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757335&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwk015cy1bxr6yxbdc9cycwm3hkerfrpatzp3xd77m5nantr4kyy4020bkyh0httwtz3102wv6tcscvnndjvq9g53fa00v56qhxggm0bkj42kn9p5fqgzgdrv4mkbs7hv0mqt3g9pe5db191p9rgrjdmjyb495yrs3xa7r73tmaxs1cwfzft729d6q25ndknk9bczy8r9229pgr4x1kpkkc8w36dxewrg1avcg15zpf9r0f39kt3xx3dbzqfg6dh8svm6kgf7p84280tywhz7ym%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc04d57853b53642281fdd8cf4d4fd1305b48ae6a378c8fcbd61aec4a25cc575
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kmz842rnxwkjqpas3dm8t1s7f874z3b7mahw3mf63ba679w0edcwp036605hn3bh8j6k11zjkggv6787scp460t3wd57vsmrfdrc97a08ccjkd3mb3mw8bx51pcna2kb7np68qmzt22mzvbrxhgpjkfw0tpjbvn07wmawvtdhpxaxknep1jhwnpc8yt8t9qahbyk2q2z2ygcjvx3k3f9z42ey9jwzd9kkmd3c2bn9xvfc5jvv8kj44m46h8d0fw9n3qtsnv8gg86cq7jy822851hg6q8gt9s13hs27yhttp0pbv261z3ecpb1y297fc72xf35xpdercvd7hvbp93tt2wgw9n00mpb4vbv67bwta5hjdjbmgqpmb3wb0j3wt5469tfrmwsdnxg4fjxqv9fcq0h6acdeggjnet31jx1zq43ea3q6zhczz0dvxkj08479653n7s8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fe80e9c91d2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:37 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 8D92 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2769f94fe61c51cc2f01cce13616858cf4e0aed581c27b9f670cee234759302
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gz1vs1272vt11sh27xv8v5zcf7jpff02a5ggqmkvt0sj2cqcqe0d9x73359txh88ygd2jgapcpwhp7nqqtcsxpew7tycar3ysd7mt5j6wxseetnv5qxcfh3wjnvasjdn0cx46kkkgk9shhy9mpdbwyjeyrmyhz2d73xr4bz62383tq5603g0dm1wg26y0v799r91r6nk483jv5eg89a3vhmcdev0423anhpznszjz0gc5v9stnca2vvrcah97ps1ak0sxtrkc8phqp7re26xjr207p7twtg9pz7jy36pf2cn8pc2qmtxe4ekj89xt884tf8zdpj4fbbgmbzy7x3n7dkb6710qkds87ytk1f23ppr3bjymx1hvmfm78aqjsqv06ks7f5c6fhav13tszwam68ctdc2t75c0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fe81ead91d2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:37 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 1729 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=196438&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz&c=300&d=50&e=&g=faf51af2a100adf3764cd428b692c95c%2F13791815436736438511&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757338&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geztzq7b84k05f5b2tpcm536ktrd9rxqn4tts10adm3kktsmh274ddkgjh2hzkxshx4p2811ktwz7p2b9q11tnw2dnt4n9ve3f1wpnrng81sbqhxj2vy25xd9p47dn2f4gxpkwvxz1gjx6dcg4xyxjym09qzbg0h0w09xxb2prk2cqe6gj9rbdgnna8x2qqrf1rqnfj5gf1b29r1vdta1rt1t486s9dbd2ha67sec3p759qzsze1zqnvacq17j9p41fxwsxc5v6e06r4fx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo7ZJWhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf79EiS92KMlZ7gWhZRxjPAsTgf5n8oykAU5Hnc4vRRWudzfvBqHSSN9ZY-AEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0eydoCOmNS9PMvixd6cclmJyvkNQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f3d67a9de0c334f5aee65fa1960186fc578f9d966f6fc42533dfdd5691f7995
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gqdt2050ypgad3dvs8nrrw5vfpvpbzvxzfdphv9yrttpkw3wpf67gfg0qyt5sp9v9fa968q81d0n3y47avdt1n8vrbbdxgqg5yr16gqjtrdp82fkgm990z4ny66jw25y46b9a39tjnpa05p8cm4tws03h59ts5gnrkjkbwyz0qyjsvdyx0agk7j743pw17ckfmqcaanxh81bcxctz80nbv9x70syb6rw8gcdrv842x5ww8sp7a2vf80t1ve81bmxan5j4cjf64c5g3713yfq87djkya812jeccrfwqqxbm4tsd8fw92rhjkh353c4sj3m0y6gb8rv4eyz727gecpajzcptb1qeb363w5fj6bf129hpn7jpr5cchvp6bbcpner21m5rjqhd4d8g33d4pg8qrrecrasq6zpd016fwyem9wq0t&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo7ZJWhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf79EiS92KMlZ7gWhZRxjPAsTgf5n8oykAU5Hnc4vRRWudzfvBqHSSN9ZY-AEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0eydoCOmNS9PMvixd6cclmJyvkNQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fe82eaf91d2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:37 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame B9CF 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=196439%2C183975%2C14044&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=600&e=&g=cca614d7d96e6123a1b9c8d47ac06b38%2F15863518076120340699&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce942734deae5c6e995d3f878159791f504191ff1ab362c50938bf078d0a460c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kpm7581ve6tht0mzzsjhrb8afzf2v73hrd1d26n6hr9wtf3j757brj0b6cakjf9fyjd03h058qx4khzh89921t5242xyp785vmytxyjk19gnn82v5zrprzt63n4nm7h1k3f5q5ajbkv90k1qe450eh0th8qm72r65a64vyx8zbhex0p414hfaa3k21eaxd8m6pdw50g6ddk2xtpp7j9x45e4m9zatz92mt34eadr8px19q5jnqsgqd81r9xetphmhtvq0g8k8c1bvyxmmtw00t9hrtt6rs4s4ba8mb78wpvdy1ha8y47n9j1ehej7f8mj0zqz9tqmzdcb9zpcsa988j5c2pb1g2krnxm0t0y7bxmz5ppxtd0qrfx9z7cyd11hf6693typkjf5a1ar1zsa32hgje4q061hf232xqqnmf8epgfw&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fe82ebd91d2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:37 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 4348 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=160&d=600&e=&g=2aaddd651aa00f888982e71fe970275c%2F12755215677127775712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757339&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca2bae1171d5b3e93834e4e14c247d2a24d96dec43b959dbff461c966acc49ec
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gtqdn7wfn7a1qfhh69zgkn0rr8jjfz7s22ee4tetznm5y7pnwqydg1c93g9d37z0n2vw3tjwg94m254178bpxrkfefjw1jhbb461v3nwp81gw5bhbeqc0n1acy4pt3byqpx4mxxmamb5sww7e2vk8k30ak9zr701tst8hw650wy54hr1whengn846mqrhcjsrjbk397q080pq6hepypdb51p5e3ezgts0364krmjgn8xqqa0t570mh05m3eddastapmf2x6kjevtwyvtp9jxjc623n5cc3n7mme9w9z92696hnfxqj170edjgmj1znk1bbfb10eanrnn7ae3v41jg4kjavwy7h6za8s51cjdt6psykje9nnsnah6eey32s5jfb6r0bccjxe4cmzqxjr0rmycsdsmy6h9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%26client%3Dca-pub-8745593945608202%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fe82ebf91d2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:37 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
batch
services.insurads.com/dfp/mapping/ Frame AD52 		942 B
586 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.insurads.com/dfp/mapping/batch?appId=2490&requests=[{%22eaup%22:%22/21894097782/LFiles_1x1%22,%22eoid%22:2761469273,%22eolid%22:5507213652,%22advid%22:4830452331,%22w%22:1,%22h%22:1,%22eId%22:%22main_lfiles_1x1_0%22}]&h=http%3A%2F%2Fwww.lebanonfiles.com%2F
Requested by
Host: cdn.insurads.com
URL: https://cdn.insurads.com/iat-1.9.6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.205.108.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-108-144.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5ad50935678c2437bd84bd2458474b72509fa3a6b127a75fec10492929d80ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
480_650.mp4
cdn.vidverto.io/data/FQA1jG65ZQhuH1V/1327/video/1817/ 		80 KB
80 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/data/FQA1jG65ZQhuH1V/1327/video/1817/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.225 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-225.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
80e691513d819191e33c0c51892c4ac816b21178dc89b5fcc06bc0cb60e932aa

Request headers

Referer
http://www.lebanonfiles.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=7995392-

Response headers

Date
Tue, 07 Feb 2023 09:22:37 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd3e-7b4088"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 7995392-8077447/8077448
Connection
keep-alive
Content-Length
82056
rar
as.ad4m.at/ad/ Frame D681 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=9a934c8011023aaed3bcec722bc92fb2%2F4393075690616156216&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hb1c3yefm9956dv8av8yqna334dqtzg7j4dyxpszgpgwvncmrn4hc5xqecrn24kcgb8gvh6phyj8k1x6dg6merxmfxqnzkgwgm6w62xmy2cqfhj25hafhgd61yyz58w3jdj8m5vw6kjjvk85bd5tgegmkgtsjtmyn6ght9ss05pv52y9fahdz9kcj20yqyry9z5yem4rcmmmdq7qbwm6ar2zk9cdfqwm96d2pk7hae8zy8fxw770b7kcfb5db2pgzf3pre9h13j9p2f6qd64bdj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ab46989e3de7cf0cf0b8058cef074214939c3bc671d0ac1dcd5d345f2513802
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1g5xv36gdqay1vvr7e1gh2rsy5rk1k6ae2hgd5by8930acta9ng34v61v9ysnphch4emn00x04zdqq117qkd9eszx7208sfd1ayt81zk10xg7h251bk9abk3dh250dvgq8ws29dzzjpq9q28bcabjz2jfqz0733702hspf52kz28p25s2a9v36n4qxx1erw30n1qzvd4vdgxwpmhe729zw0bnf03gwb3tmyargetz32nhfae469rv66ydma9d9hb41gf427e60bh60qnz2f1v92ea722sqdcejj1wv80eqkzj3c9e5varm5h3g1a6vw6sbmtbfq8nrnb2r6pyszxcfpxv97czp9y4vvs050wkqng8rehpx1jxkky6wvvwhszcn5m9hrjfwx0h9v7vz23hnwbkyfzpyqatrhdqsn5frhcd7gqfv1ahwjjb5r2rbthrf1nf9jy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%26client%3Dca-pub-8745593945608202%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fe84ecd91d2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:37 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 23B7 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=19458%2C14019%2C117569&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=970&d=90&e=&g=7a6057afdd8125553e67a2079e020180%2F10502505646532520483&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6t5n1whyt6y1ts9p9qwb7gt3pyn93gbc436rczw1jgc9t5dzamz71p21vazme2an7r397gndjjbzsq99z98jpcyw6da0mdemnsfzyrrjw66jrdrpm0scverjrcpk6fnewp5fs7w0v0m1kwhrpzkn6bsytxq8xvj26qzpms2v2wnddzcqkg6aahd7mdqkegfre2dq69mr2edbytasazvwrgb3rc41yhr37kqrv6njm395hv14jgxy17cz3tdaysc8r646ex0vk76h32drdvk838%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81065c480dbb5cc9b6093be1f389ae432b8bbb697a19d63f1fee697f075c29bf
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gy1rp4zh5rhk2nswa66b3mgz6eg7c185gq7mn8sz2p6zgd30cnw514mw5m5erbgef8ckehv1q33btssc0x3b18kyjb8fh3a38hwd43s30sx87xzb1dg63fz8xbfq01jqk69f6rs27z0t8d1x3hd9bbjh0qan29e0zk50dn50ysw7x9pdm059t1c1phzhm1dn9z4b2ap1v5tfbe09vrh1mkyyxmkwzjeg7kggx9bfqbmsm02te8vaprhbqwsvkevmzz90xbvtyy8kct9csakvzw5g7m7amtkqwa9n7jzvf3xgg5khsdk8e2wkxkk38zmdhv0zx0jegsxv895kamsezq79bdrwhpyeggzrf7rnx8yefyca0e4vjc8am3jx1ykv03hj05hk74qdagpt25cd7anes7s5rhq614s53arbrrfjsr7yjd4y3cb1z0hvpbz8vwntbv8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%26client%3Dca-pub-8745593945608202%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
795b0fe84ed091d2-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 07 Feb 2023 09:22:37 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
async_usersync
ib.adnxs.com/ Frame C634 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:37 GMT
AN-X-Request-Uuid
f33ded09-f56d-4214-99dc-43d0062e13cd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame 631B 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C197862%2C14019&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=160&d=600&e=&g=fd283886dca4824330395e70faa90899%2F16122513429563864489&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675761757363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=196439%2C197862%2C14019&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=160&d=600&e=&g=fd283886dca4824330395e70faa90899%2F16122513429563864489&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675761757363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57630
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMTTivE3wZPoiwk8bJv%2F%2BS5rwYjwdO%2BOzaCsrvxERjkd46l8mhRKhNReRfmDNJhVVbcs8aGbwlRV3NGmHyvFR1MPgBs6U8tHJCLP3KWcnGtSQoxeWycP0DzQnPbx0TudYm18yaMfIIc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fe87efa91d2-FRA
expires
Tue, 07 Feb 2023 10:22:37 GMT
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 631B 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C197862%2C14019&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=160&d=600&e=&g=fd283886dca4824330395e70faa90899%2F16122513429563864489&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675761757363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2647001
cf-polished
qual=85, origFmt=jpeg, origSize=16723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=odIcb%2Bm2OE4fBq6IRsYXd0uQM4D13ouMMAuAAbWg2KSBghGp2rlJdo2GnaFpS%2BW1by4xuVr87npiZrwJhiUlJ4ppSS0%2Bf0AY0zE4wUiuxAtIofbxeC35431a%2FG5ie3bFXNTCEIsU976d%2BA0D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe87ce78fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
assets.ad4m.at/product_image/ Frame 631B 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C197862%2C14019&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=160&d=600&e=&g=fd283886dca4824330395e70faa90899%2F16122513429563864489&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675761757363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1145444
cf-polished
qual=85, origFmt=jpeg, origSize=72345
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44118
cf-bgj
imgq:85,h2pri
last-modified
Tue, 14 Jun 2022 09:41:24 GMT
server
cloudflare
etag
"ed6f7b3b1b04cd5f78cf354be09c981b"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBWEevttn8Q6nJKlDOugX%2BiRo9%2Ft%2FLIpZUN70DzFZWjAFP%2ByZhczvJpQdT2KyRRiEqW2XS0vd4IkNIosNQuswhai0vTOY%2FxfUFYWNWLIekLsQpqI7TYCIrW2kCImE68oiMwVF%2F1wo1kavHig"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe89d0a8fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
/
banner.congstar.de/cookie/ Frame 631B
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CIKgr4KLg_0CFQzdEQgd5G8F1w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39Woneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675761757_f6a0d980-a6c8-11ed-acb0-22645d5ed731
0
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675761757_f6a0d980-a6c8-11ed-acb0-22645d5ed731
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C197862%2C14019&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=160&d=600&e=&g=fd283886dca4824330395e70faa90899%2F16122513429563864489&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675761757363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS
km36617.keymachine.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:37 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675761757_f6a0d980-a6c8-11ed-acb0-22645d5ed731
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
assets.ad4m.at/logo/ Frame 631B 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B6C55515525C2192B97E1253116BAA5C685DD07AF79BB6C9C4097CAEDCCAF04D1DC2B7B5FD417FB88EA0B39E23DED47A8BBF448407373E4FBED422FA6A33EF14
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C197862%2C14019&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=160&d=600&e=&g=fd283886dca4824330395e70faa90899%2F16122513429563864489&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675761757363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b29bdb7db83315a34e9893cdd74afad8064611b89dade9adcc78b42fcafbf159

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1076483
cf-polished
origFmt=png, origSize=53992
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26228
cf-bgj
imgq:85,h2pri
last-modified
Wed, 29 Jun 2022 14:47:26 GMT
server
cloudflare
etag
"e460905652d65e6a54a57da046f52d6c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAQURvnL7R7LVxZTbt%2BjHwXWNMC34Gox0PK7IYzcwAnQy3oq0dqit8CAvrMgY%2FpM%2BRMQB8wlq9VyjXRr3jaLDewx%2FusGJ3L5dTvaX82zYadSOz8up%2BETovg%2FdHFrmi6iI%2Bu5KAmg5cHv05PJ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe89d0e8fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame 631B 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C197862%2C14019&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=160&d=600&e=&g=fd283886dca4824330395e70faa90899%2F16122513429563864489&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675761757363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
181936
cf-polished
origFmt=png, origSize=105738
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
55798
cf-bgj
imgq:85,h2pri
last-modified
Mon, 04 Jul 2022 08:55:40 GMT
server
cloudflare
etag
"147be38db57f89c69c9e65b05983ff0e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFUnBbzF95MPKiW05VwDngw9gpj3udF6GwjUcdGlbC7NytmlYfCy%2BfJfL8pLbmjShJf0P%2F4yQhhPUzVk1Nitm0trXOI%2BGjsaI8gy7y6N1zftw0caUzbZ%2FkRlD9fR9HHwQiDlWOUkeW2mnrYF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe89d108fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 631B 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C197862%2C14019&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=160&d=600&e=&g=fd283886dca4824330395e70faa90899%2F16122513429563864489&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675761757363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1593066
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TlRGPUo2NBYjUncYbw3w%2BsbCb2pjXNUbOwrSeRs9ESg5b84wbUjnpaQgjMbhhmkOYSimy6S91ZJwW8ptR8rX3f3KyXhGnwaOWRL1xn%2BduYv1C62FFg81RYo%2Btu0WhFQ8Z6TlCJnBmIIq385g"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe89d118fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 631B 		298 KB
299 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C197862%2C14019&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=160&d=600&e=&g=fd283886dca4824330395e70faa90899%2F16122513429563864489&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675761757363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad9cfb9dfc4bbe75509f6268415c710c44474dc703b8705eacada2ac8acb2725

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
323467
cf-polished
origSize=342797, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
305593
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4O%2FYd6LLXDGp1P%2F26XbuvfuA%2FAAmysdHqYuuDfPt34e0sYEWfpEqm%2FftXHFTCFmrwx9Cgj6hmR3zStH%2F7B0rORLbxRIlcPjuT8hzWtkFFyDYvTpjqCmFB2jrwPbl5J1iICPuReGwzu5vJx2"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe89d138fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
ztpv.php
www.conrad.de/ Frame 631B
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f6750e90-a6c8-11ed-ab4b-226222ea62e0&insert=AW&&gdpr=0&gdpr_consent=
0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f6750e90-a6c8-11ed-ab4b-226222ea62e0&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C197862%2C14019&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=160&d=600&e=&g=fd283886dca4824330395e70faa90899%2F16122513429563864489&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675761757363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
via
1.1 additional-webserver-blue-n1lg (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
486737639
content-type
text/html; charset=UTF-8
cache-control
no-cache
server-timing
intid;desc=d899f95600ddf51f
cf-ray
795b0fea686b3609-FRA
expires
-1

Redirect headers

Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f6750e90-a6c8-11ed-ab4b-226222ea62e0&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame 2532 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=2ab97b69596961a79fd0887044a7a68b%2F15856490710707791105&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757335&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwk015cy1bxr6yxbdc9cycwm3hkerfrpatzp3xd77m5nantr4kyy4020bkyh0httwtz3102wv6tcscvnndjvq9g53fa00v56qhxggm0bkj42kn9p5fqgzgdrv4mkbs7hv0mqt3g9pe5db191p9rgrjdmjyb495yrs3xa7r73tmaxs1cwfzft729d6q25ndknk9bczy8r9229pgr4x1kpkkc8w36dxewrg1avcg15zpf9r0f39kt3xx3dbzqfg6dh8svm6kgf7p84280tywhz7ym%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=2ab97b69596961a79fd0887044a7a68b%2F15856490710707791105&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757335&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwk015cy1bxr6yxbdc9cycwm3hkerfrpatzp3xd77m5nantr4kyy4020bkyh0httwtz3102wv6tcscvnndjvq9g53fa00v56qhxggm0bkj42kn9p5fqgzgdrv4mkbs7hv0mqt3g9pe5db191p9rgrjdmjyb495yrs3xa7r73tmaxs1cwfzft729d6q25ndknk9bczy8r9229pgr4x1kpkkc8w36dxewrg1avcg15zpf9r0f39kt3xx3dbzqfg6dh8svm6kgf7p84280tywhz7ym%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57630
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHuCNPQL9vhknuiyKqJYRyGM%2Bc%2Fr4EqoVHwlV%2F9qMt%2FsXJFkJRyFpb5cZdYicKq9%2Bu2fEU1Fg2uOykC1vNRKdv1%2FMbOcHsyzCQfbufyt9V5Hli%2BCOBHW5mrHr9YAl%2FDlisS%2BwIOGsZc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fe88f0491d2-FRA
expires
Tue, 07 Feb 2023 10:22:37 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 2532 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=2ab97b69596961a79fd0887044a7a68b%2F15856490710707791105&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757335&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwk015cy1bxr6yxbdc9cycwm3hkerfrpatzp3xd77m5nantr4kyy4020bkyh0httwtz3102wv6tcscvnndjvq9g53fa00v56qhxggm0bkj42kn9p5fqgzgdrv4mkbs7hv0mqt3g9pe5db191p9rgrjdmjyb495yrs3xa7r73tmaxs1cwfzft729d6q25ndknk9bczy8r9229pgr4x1kpkkc8w36dxewrg1avcg15zpf9r0f39kt3xx3dbzqfg6dh8svm6kgf7p84280tywhz7ym%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
481646
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54554
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msWo4k0Pp2Slx6ltN1kz5C4eSEfxZrdoFXjk5PB%2FVaB5HIJ%2BxehkP0HmVL3HI6QyGs4P%2BeWeiuLkJ6ztBqRNYZKVfk%2F9k67hlOW2G9f69nV2GW7KDT3XzfD%2B%2B4f5xSDzKJRsZ2vBVxmXdGZ2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe88cf18fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 2532 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=2ab97b69596961a79fd0887044a7a68b%2F15856490710707791105&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757335&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwk015cy1bxr6yxbdc9cycwm3hkerfrpatzp3xd77m5nantr4kyy4020bkyh0httwtz3102wv6tcscvnndjvq9g53fa00v56qhxggm0bkj42kn9p5fqgzgdrv4mkbs7hv0mqt3g9pe5db191p9rgrjdmjyb495yrs3xa7r73tmaxs1cwfzft729d6q25ndknk9bczy8r9229pgr4x1kpkkc8w36dxewrg1avcg15zpf9r0f39kt3xx3dbzqfg6dh8svm6kgf7p84280tywhz7ym%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1086601
cf-polished
qual=85, origFmt=jpeg, origSize=132437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjXmGaH1WGb%2BkIna6fM1yWP6gBKTt4ZtkuG2ENnbYUhM%2BEbn9DNdlGJWmqyt13jEpc0B%2BgLWhovI%2FD46pgl03zY9cIwWPUvH14gOr3fYCa6VJfMADyUXY%2FPrQ65nKmyxFNKicx9aVn7vTca7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8ad158fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
/
partner.o2online.de/a/ Frame 2532
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=COipr4KLg_0CFWnGuwgdbFgKCA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023020710223881356755537X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suit...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023020710223881356755537X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020710223881356755537X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=2ab97b69596961a79fd0887044a7a68b%2F15856490710707791105&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757335&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwk015cy1bxr6yxbdc9cycwm3hkerfrpatzp3xd77m5nantr4kyy4020bkyh0httwtz3102wv6tcscvnndjvq9g53fa00v56qhxggm0bkj42kn9p5fqgzgdrv4mkbs7hv0mqt3g9pe5db191p9rgrjdmjyb495yrs3xa7r73tmaxs1cwfzft729d6q25ndknk9bczy8r9229pgr4x1kpkkc8w36dxewrg1avcg15zpf9r0f39kt3xx3dbzqfg6dh8svm6kgf7p84280tywhz7ym%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:38 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023020710223881356755537X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020710223881356755537X117703V1226132702MSviewoneidxmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xdoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117703&partnerid=12218
date
Tue, 07 Feb 2023 09:22:38 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 2532 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=2ab97b69596961a79fd0887044a7a68b%2F15856490710707791105&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757335&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwk015cy1bxr6yxbdc9cycwm3hkerfrpatzp3xd77m5nantr4kyy4020bkyh0httwtz3102wv6tcscvnndjvq9g53fa00v56qhxggm0bkj42kn9p5fqgzgdrv4mkbs7hv0mqt3g9pe5db191p9rgrjdmjyb495yrs3xa7r73tmaxs1cwfzft729d6q25ndknk9bczy8r9229pgr4x1kpkkc8w36dxewrg1avcg15zpf9r0f39kt3xx3dbzqfg6dh8svm6kgf7p84280tywhz7ym%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1593066
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0S6QWv1UYBToYeLrzoKM64Spki%2FPOlBIrZzIyGCi0vue2XROw7Z7ZQugbEsVA3fSC%2FCtTX%2BYq3fqCEdtHC7qqxFeNyQiCoOte0N8FdrushB1%2FZzeRmv3FH5fqTOOyXK2bFhGDHewojldMGL5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8ad178fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 2532 		298 KB
299 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=2ab97b69596961a79fd0887044a7a68b%2F15856490710707791105&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757335&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwk015cy1bxr6yxbdc9cycwm3hkerfrpatzp3xd77m5nantr4kyy4020bkyh0httwtz3102wv6tcscvnndjvq9g53fa00v56qhxggm0bkj42kn9p5fqgzgdrv4mkbs7hv0mqt3g9pe5db191p9rgrjdmjyb495yrs3xa7r73tmaxs1cwfzft729d6q25ndknk9bczy8r9229pgr4x1kpkkc8w36dxewrg1avcg15zpf9r0f39kt3xx3dbzqfg6dh8svm6kgf7p84280tywhz7ym%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad9cfb9dfc4bbe75509f6268415c710c44474dc703b8705eacada2ac8acb2725

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
323467
cf-polished
origSize=342797, status=vary_header_present
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
305593
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGhEz4O494XUZN1YNDCRCZqfBKQtziYq%2FnTlpFTQu1U4NQsVHmd9XH3XZCf9%2BJowqGOZnDE29zi8dB95yTBdRkl5jty%2BcMw4FlIQpw9PQ80H3VcxENPeNDuZLjSvX6NMEHpcZYX6ji74TjyS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8cd368fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
ztpv.php
www.conrad.de/ Frame 2532
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f67b7730-a6c8-11ed-b22f-2232cde24fee&insert=AW&&gdpr=0&gdpr_consent=
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f67b7730-a6c8-11ed-b22f-2232cde24fee&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=2ab97b69596961a79fd0887044a7a68b%2F15856490710707791105&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757335&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwk015cy1bxr6yxbdc9cycwm3hkerfrpatzp3xd77m5nantr4kyy4020bkyh0httwtz3102wv6tcscvnndjvq9g53fa00v56qhxggm0bkj42kn9p5fqgzgdrv4mkbs7hv0mqt3g9pe5db191p9rgrjdmjyb495yrs3xa7r73tmaxs1cwfzft729d6q25ndknk9bczy8r9229pgr4x1kpkkc8w36dxewrg1avcg15zpf9r0f39kt3xx3dbzqfg6dh8svm6kgf7p84280tywhz7ym%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
via
1.1 additional-webserver-blue-n1lg (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
492706809
content-type
text/html; charset=UTF-8
cache-control
no-cache
server-timing
intid;desc=d411cae4bb165a54
cf-ray
795b0fea686a3609-FRA
expires
-1

Redirect headers

Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f67b7730-a6c8-11ed-b22f-2232cde24fee&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 2532 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=2ab97b69596961a79fd0887044a7a68b%2F15856490710707791105&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757335&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwk015cy1bxr6yxbdc9cycwm3hkerfrpatzp3xd77m5nantr4kyy4020bkyh0httwtz3102wv6tcscvnndjvq9g53fa00v56qhxggm0bkj42kn9p5fqgzgdrv4mkbs7hv0mqt3g9pe5db191p9rgrjdmjyb495yrs3xa7r73tmaxs1cwfzft729d6q25ndknk9bczy8r9229pgr4x1kpkkc8w36dxewrg1avcg15zpf9r0f39kt3xx3dbzqfg6dh8svm6kgf7p84280tywhz7ym%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
198330
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJFPUsVreQ88MsbodVCQaUmZMn6q%2FPjXM1tGOIZgcMgNrvzhDU%2B6CPlNlrv%2B0SOL51BuCPjzkkyzbBzcy560g2lxZID8GsjVChfKCzlYyubuKp5JNasJxswvKZE%2FHqgVv6RdlxCe6QFaSVSs"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8cd3a8fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 2532 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=2ab97b69596961a79fd0887044a7a68b%2F15856490710707791105&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757335&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwk015cy1bxr6yxbdc9cycwm3hkerfrpatzp3xd77m5nantr4kyy4020bkyh0httwtz3102wv6tcscvnndjvq9g53fa00v56qhxggm0bkj42kn9p5fqgzgdrv4mkbs7hv0mqt3g9pe5db191p9rgrjdmjyb495yrs3xa7r73tmaxs1cwfzft729d6q25ndknk9bczy8r9229pgr4x1kpkkc8w36dxewrg1avcg15zpf9r0f39kt3xx3dbzqfg6dh8svm6kgf7p84280tywhz7ym%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
709013
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npwHlOdbgyzhrXkeIcnflZrxZ95b86TL67DbxeWlbuWMjo4VIQ6tqaLlr%2FoiJ5NxZH%2Fc%2BmI47Dk035SJiaFxPSmlHSYd6ytAjoCuplVjZM8exOPD0yZhPchXX7iG164RbA9AImxE9F1pcuNu"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8cd3b8fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
cshow.php
www.awin1.com/ Frame 2532 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=157265%2C14019%2C117569&b=xmDFQfAfWz4ecPHdHztQtRRgc7S6TKKps17xd%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=Y4Xsrf3fjde3cVH9HetgCRR8ckS1Tddju1ZYe%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=2ab97b69596961a79fd0887044a7a68b%2F15856490710707791105&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757335&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hwk015cy1bxr6yxbdc9cycwm3hkerfrpatzp3xd77m5nantr4kyy4020bkyh0httwtz3102wv6tcscvnndjvq9g53fa00v56qhxggm0bkj42kn9p5fqgzgdrv4mkbs7hv0mqt3g9pe5db191p9rgrjdmjyb495yrs3xa7r73tmaxs1cwfzft729d6q25ndknk9bczy8r9229pgr4x1kpkkc8w36dxewrg1avcg15zpf9r0f39kt3xx3dbzqfg6dh8svm6kgf7p84280tywhz7ym%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2m8BWhjiY-bzGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QsTT5QFfnpBtFo0QpeS6Pdz3yXrvAdtgqog6tG_WCHIQfQo95Cfpqedq_aSReV36-pI26vr50vy59NCCqOi_5t42_qi7ag0Vv55eO8-GMKqEpGhJqP6DQ7tFeUOM9keNVG2RDSJuv88a8HvHl0DTx5_sFdz27RP_zyjleceSWj-zotmA4HyCMG99zsbUK4awMndG9xd95ohL5hoLi_hBzlDgf6SZMxByaZk_7t7MQgYgivjQQi1k0grmQFUN5O0d7CcxiJAhCoTiskzAOK2WwcRlOCy_8a9ezeFrzT_k5PUiIUPqImBFUqc2p7PW0M0IuJnAyKi6uUB296X2I7vVMB_AJuAeIsCSR8syhDbzUUgvCwgcAzK_kVozsRZnilYPBteAEAYAGtfyR8JWEsu_iAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0-wtM0psDOrmuvhdtOdj4u9OZipQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.75.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-75-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame 201B 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C14019%2C117569&b=kkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=dcd73013d91bba824bb63c7df57e2eb5%2F11564415562883759876&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757333&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdnqbzwrnkect4zvdnyw27mgc0apd0cg8xf3mq9qfgtm9hdc8v32k8s99xqebeyqq13swv0p469sfg8d3egc279hayndrcz4bzy74n7j4s8xsee5hr0zr8x15r2ap5xs6hpj5q0czemxffn5td8dqtfjbn86zr510gmfay9rrv87vqz0pjd9n5z95b8mcqtga7d9kf5k463zcxfbn5e8vdy2akxtnadmrhfxy67ptv42bnc406znc9c5nnqqvgwmcmnd4mjfrzct66khbnxfgf7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=22925%2C14019%2C117569&b=kkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=dcd73013d91bba824bb63c7df57e2eb5%2F11564415562883759876&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757333&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdnqbzwrnkect4zvdnyw27mgc0apd0cg8xf3mq9qfgtm9hdc8v32k8s99xqebeyqq13swv0p469sfg8d3egc279hayndrcz4bzy74n7j4s8xsee5hr0zr8x15r2ap5xs6hpj5q0czemxffn5td8dqtfjbn86zr510gmfay9rrv87vqz0pjd9n5z95b8mcqtga7d9kf5k463zcxfbn5e8vdy2akxtnadmrhfxy67ptv42bnc406znc9c5nnqqvgwmcmnd4mjfrzct66khbnxfgf7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57630
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9gOBO0ZvkWc99s%2FDj%2BQ8ky7ihq%2FZqYm4B4ybHY7nA%2BjbByRvqaCALg6H00BzNeg%2FIaqKge6pgsTl88BkD4uKO%2FcdleK%2FZsFEkCD9Wwj%2F3ApSSNQBQ6AgDMPA7EY14vkjpSrouaG94Ls%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fe89f1791d2-FRA
expires
Tue, 07 Feb 2023 10:22:37 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 201B 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C14019%2C117569&b=kkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=dcd73013d91bba824bb63c7df57e2eb5%2F11564415562883759876&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757333&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdnqbzwrnkect4zvdnyw27mgc0apd0cg8xf3mq9qfgtm9hdc8v32k8s99xqebeyqq13swv0p469sfg8d3egc279hayndrcz4bzy74n7j4s8xsee5hr0zr8x15r2ap5xs6hpj5q0czemxffn5td8dqtfjbn86zr510gmfay9rrv87vqz0pjd9n5z95b8mcqtga7d9kf5k463zcxfbn5e8vdy2akxtnadmrhfxy67ptv42bnc406znc9c5nnqqvgwmcmnd4mjfrzct66khbnxfgf7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
481646
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54554
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UNL88X1pAPbwbha5r71s5tO6nCbiQwLK2ayUrcVpc9LMBA3MNty3zi8TBLz4fZawCvvG%2FbJYPlIO0lTJUm62KB6gmWtzy5MF8dE3V6CS9uYzTVjCrKjjXG3ZGdF54KFyUdy4jiRHHiP7mLgN"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe89d078fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
assets.ad4m.at/product_image/ Frame 201B 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/6486455729BD96BDB8E481E3F0AFB23C855E4C9DE0A632584D1F8D6C5F1005300BBB8C5B4E62E496B41D404576EFD68869DA14CD92C2EDFC6AAE9F735B87038D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C14019%2C117569&b=kkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=dcd73013d91bba824bb63c7df57e2eb5%2F11564415562883759876&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757333&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdnqbzwrnkect4zvdnyw27mgc0apd0cg8xf3mq9qfgtm9hdc8v32k8s99xqebeyqq13swv0p469sfg8d3egc279hayndrcz4bzy74n7j4s8xsee5hr0zr8x15r2ap5xs6hpj5q0czemxffn5td8dqtfjbn86zr510gmfay9rrv87vqz0pjd9n5z95b8mcqtga7d9kf5k463zcxfbn5e8vdy2akxtnadmrhfxy67ptv42bnc406znc9c5nnqqvgwmcmnd4mjfrzct66khbnxfgf7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c4ce8d34a9daa60952a5e3c77f6a430e87ef15ad67d03105131dcdeb04131d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1083481
cf-polished
qual=85, origFmt=jpeg, origSize=29501
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15016
cf-bgj
imgq:85,h2pri
last-modified
Mon, 06 Apr 2020 13:24:35 GMT
server
cloudflare
etag
"2ea521e9d32f25981bf850882042e821"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnyjmvViEE8bggS0vqf0NxjOf69jqNyB8g8KEugegc%2BUg1wtaUiHfcDH%2FSEeNT2mEgyBHWehNF9peeNIfMT5XWFiMuvDUVokrBI8oHBRTrq6bK%2B4IHiiqOFMRJOe0EtFYAFsPMVZUUbsoy5j"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8dd4a8fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
/
partner.o2online.de/a/ Frame 201B
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNSpr4KLg_0CFSGGgwcdOZQG_g;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=viewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023020710223881356755535X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023020710223881356755535X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020710223881356755535X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C14019%2C117569&b=kkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=dcd73013d91bba824bb63c7df57e2eb5%2F11564415562883759876&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757333&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdnqbzwrnkect4zvdnyw27mgc0apd0cg8xf3mq9qfgtm9hdc8v32k8s99xqebeyqq13swv0p469sfg8d3egc279hayndrcz4bzy74n7j4s8xsee5hr0zr8x15r2ap5xs6hpj5q0czemxffn5td8dqtfjbn86zr510gmfay9rrv87vqz0pjd9n5z95b8mcqtga7d9kf5k463zcxfbn5e8vdy2akxtnadmrhfxy67ptv42bnc406znc9c5nnqqvgwmcmnd4mjfrzct66khbnxfgf7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:38 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2023020710223881356755535X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020710223881356755535X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&partnerid=12218
date
Tue, 07 Feb 2023 09:22:38 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 201B 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C14019%2C117569&b=kkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=dcd73013d91bba824bb63c7df57e2eb5%2F11564415562883759876&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757333&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdnqbzwrnkect4zvdnyw27mgc0apd0cg8xf3mq9qfgtm9hdc8v32k8s99xqebeyqq13swv0p469sfg8d3egc279hayndrcz4bzy74n7j4s8xsee5hr0zr8x15r2ap5xs6hpj5q0czemxffn5td8dqtfjbn86zr510gmfay9rrv87vqz0pjd9n5z95b8mcqtga7d9kf5k463zcxfbn5e8vdy2akxtnadmrhfxy67ptv42bnc406znc9c5nnqqvgwmcmnd4mjfrzct66khbnxfgf7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1605269
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMoLRqRPpn1C8Pxv%2FuG9Dstx5J%2B14%2BqBP6Lv2w2PSj%2FZmauxp2krvQCrKkEFty40F%2BRQlv2FQijszUDkSNrkY06SB90oYfqfWYPbSH8OezrR9xj2e1u4JSzDi4QOgL80ABFChD30OJb%2FWlX3"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8df3c91d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 201B 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C14019%2C117569&b=kkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=dcd73013d91bba824bb63c7df57e2eb5%2F11564415562883759876&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757333&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdnqbzwrnkect4zvdnyw27mgc0apd0cg8xf3mq9qfgtm9hdc8v32k8s99xqebeyqq13swv0p469sfg8d3egc279hayndrcz4bzy74n7j4s8xsee5hr0zr8x15r2ap5xs6hpj5q0czemxffn5td8dqtfjbn86zr510gmfay9rrv87vqz0pjd9n5z95b8mcqtga7d9kf5k463zcxfbn5e8vdy2akxtnadmrhfxy67ptv42bnc406znc9c5nnqqvgwmcmnd4mjfrzct66khbnxfgf7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46641
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZS3yNYRIRy8%2BL9tRmJ9dwq742Q6Mi7zozz3RH4sGqOMegplrbKYvpiiqa4T8xXp3VSKLZCanGHYf%2FCA4rDj%2FHyhrc0kmVzYru6%2FRnQSqByOpPW93YWENBDnRQKFEAiOgGLJ%2FVp4%2B6LlroLw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8df3d91d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
ztpv.php
www.conrad.de/ Frame 201B
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f67387f0-a6c8-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
0
670 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f67387f0-a6c8-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C14019%2C117569&b=kkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=dcd73013d91bba824bb63c7df57e2eb5%2F11564415562883759876&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757333&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdnqbzwrnkect4zvdnyw27mgc0apd0cg8xf3mq9qfgtm9hdc8v32k8s99xqebeyqq13swv0p469sfg8d3egc279hayndrcz4bzy74n7j4s8xsee5hr0zr8x15r2ap5xs6hpj5q0czemxffn5td8dqtfjbn86zr510gmfay9rrv87vqz0pjd9n5z95b8mcqtga7d9kf5k463zcxfbn5e8vdy2akxtnadmrhfxy67ptv42bnc406znc9c5nnqqvgwmcmnd4mjfrzct66khbnxfgf7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
via
1.1 additional-webserver-blue-n1lg (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
492706807
content-type
text/html; charset=UTF-8
cache-control
no-cache
server-timing
intid;desc=a9c5e04d36002f39
cf-ray
795b0fea68673609-FRA
expires
-1

Redirect headers

Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f67387f0-a6c8-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 201B 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C14019%2C117569&b=kkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=dcd73013d91bba824bb63c7df57e2eb5%2F11564415562883759876&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757333&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdnqbzwrnkect4zvdnyw27mgc0apd0cg8xf3mq9qfgtm9hdc8v32k8s99xqebeyqq13swv0p469sfg8d3egc279hayndrcz4bzy74n7j4s8xsee5hr0zr8x15r2ap5xs6hpj5q0czemxffn5td8dqtfjbn86zr510gmfay9rrv87vqz0pjd9n5z95b8mcqtga7d9kf5k463zcxfbn5e8vdy2akxtnadmrhfxy67ptv42bnc406znc9c5nnqqvgwmcmnd4mjfrzct66khbnxfgf7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1781290
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLe%2FvZ63LhUNhfbADvmWP0PeI7P9VtA91A2DbKqGaDQJqQKQezePTc6x%2Bu2kgwqNamfylMRJ3hTZD9XBY%2F7utgScbQGJGRHMPlY7adoCtLXjVrpFoAELF%2FoEjoVZCLA6wH7GLzWhltEymnWa"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8df3e91d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 201B 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C14019%2C117569&b=kkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=dcd73013d91bba824bb63c7df57e2eb5%2F11564415562883759876&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757333&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdnqbzwrnkect4zvdnyw27mgc0apd0cg8xf3mq9qfgtm9hdc8v32k8s99xqebeyqq13swv0p469sfg8d3egc279hayndrcz4bzy74n7j4s8xsee5hr0zr8x15r2ap5xs6hpj5q0czemxffn5td8dqtfjbn86zr510gmfay9rrv87vqz0pjd9n5z95b8mcqtga7d9kf5k463zcxfbn5e8vdy2akxtnadmrhfxy67ptv42bnc406znc9c5nnqqvgwmcmnd4mjfrzct66khbnxfgf7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1084790
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0yVQMdSW1haxbKMnt6k5tMhemfvpFbe3YADhGAGYAUpjfL842MiAF20qEo8RWlLLfX9QJRnHj5yrmy4S90O0RdAUqLouPCclYLoEzOzxds%2BEGVexZFjk2%2B%2B4qBSjgYnOfyVf7dhTkoRjb%2Fu"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8df3f91d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
cshow.php
www.awin1.com/ Frame 201B 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22925%2C14019%2C117569&b=kkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Ye%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=zGDuRfYfKPxupHBHMtJCzzAfVSwTQQ8fGm3k%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=300&d=250&e=&g=dcd73013d91bba824bb63c7df57e2eb5%2F11564415562883759876&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757333&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jdnqbzwrnkect4zvdnyw27mgc0apd0cg8xf3mq9qfgtm9hdc8v32k8s99xqebeyqq13swv0p469sfg8d3egc279hayndrcz4bzy74n7j4s8xsee5hr0zr8x15r2ap5xs6hpj5q0czemxffn5td8dqtfjbn86zr510gmfay9rrv87vqz0pjd9n5z95b8mcqtga7d9kf5k463zcxfbn5e8vdy2akxtnadmrhfxy67ptv42bnc406znc9c5nnqqvgwmcmnd4mjfrzct66khbnxfgf7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCQrCrWhjiY9nuGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgScAk_Qq_hDZyfyM-K3bfH2aYFqvviUIXIu3r2fjBGFX0jvlX4MSLZiqkaxqTtTjggSkDpMAFipxWopUgIOAHga4YJFqhHX5oqBQbi71VhMXmncZC8My14GsqSBGP96vOvnZRf5FMSh13keG5S6tjyyxQwsOExMB-XqjUmb-uN9_AtW20qXr27YFJv1e8uOvby3axNdSMR-hBB1l6sWBMwiIpmoLMoZslmosQLE1t73RlBRjiIADa-VjamEH9GLknnqMqJPoyCai89IsVAmOnRouRVP7CyYxc4X2JeLT80hNc9Zzd67HK8amypLuy6r5vN8IsLhe8rinw1rOVzRqmd5oXhfclbvdnc_BI8RhbeEYSVsSHLIFK7x684Bwsbr4AQBgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_02RFp5sW0Bnnxh8l6Md7zhwW95iA%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.75.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-75-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame 8D92 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57630
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tZsBhEo2rVnT4KmMBDMs3V%2B3gFUF6u2Dzpt%2BCoEky6EsDQ7q7%2BEpB%2BBbqeUdgLm4y1xjsIiiZhnyUaq1xsSN7I3Tj8dxUMzqVvTz4Ojdz2SMiNFbq2uOxT40UZZUrqH05QZVWYP0FM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fe8bf2391d2-FRA
expires
Tue, 07 Feb 2023 10:22:37 GMT
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 8D92 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1593066
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRJMXI6bN9Iq08BjQF7W9yHhrHd08w8mfvXvKrEwy11PcmT4a6u%2B3VEEVu2P999QX1iCNXix4n%2FjrOWXtrwkfrdUhauXMbvhZ8IVlIb7GfTu12I0wG4X8DOaZdo0LsBg6vTmtT2iuJI3dQvK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8cd3c8fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 8D92 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46641
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueebgQREhJ1LCxHD1nAoNGvX8r93Lgp05PE%2FRtHheep0ZJG1B8fSQ0rjhPkvvz0m1Y9pHZgB2tIlWsOv6yceL5r%2FL9a9A10j9j%2Bg%2B9ww%2BcOJSV4HjYNeh9l3hJcS77RnIv1SNueixS0R9r7r"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8df4091d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
ztpv.php
www.conrad.de/ Frame 8D92
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f6775880-a6c8-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f6775880-a6c8-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
via
1.1 additional-webserver-blue-n1lg (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
492706819
content-type
text/html; charset=UTF-8
cache-control
no-cache
server-timing
intid;desc=7394dc6b3b524e95
cf-ray
795b0feaa8c33609-FRA
expires
-1

Redirect headers

Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f6775880-a6c8-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 8D92 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2301417
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130162
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXB8G5TKCsW3h23ptc5yTSFKgKHwr30ZNCoE3tvU6r1omIau0m1lohhQythFKjvV5872wpYF52VAsvmw5a5eg%2BDmdsKkPoOC3vFdQUkQxZbU%2BaaX3LapQCajYmbhLjddrWFT6WS0NRhPr48A"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8df4291d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 8D92 		461 KB
461 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1132455
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RehHRZ15gsEnsWOgVlXrZSyRA7Cu5G4HtLrbtzKzbGiCIg0Extk3%2FtfL%2FubQl8EwS3CJV0vpzppUjeHo06EPXQKwrUD3d30TTZjKJDHS6aCxQ61sL7eBwQOagoKVM3LJvrwCskebMQT9XrMU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8df4391d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame 8D92 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1782855
cf-polished
origFmt=png, origSize=85233
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54280
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:18:26 GMT
server
cloudflare
etag
"0bc184d99872986e7c36d6945f607e59"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpzR9nRnMTf537%2BRKvFGr9vZAdFmyaPfU95UmTgoUe9Ea54QsmYCNPb3tr%2BH65pcS5WBdxTp3%2F6UHlP0HUgrtoA1aBTc9DEe8NXaMzBevnR3S8r7tG38t3Qt%2FHs75vo%2FUDIS7PAvyl5MmxjC"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8df4491d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame 8D92 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
984104
cf-polished
origFmt=png, origSize=311499
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
197460
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:45:43 GMT
server
cloudflare
etag
"3e47fe2e828ecba46fd7e6ae452966ae"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnOU2JpZQmk0qFzRW2N0WKtfQQpIwt7ghLz7AdM723ZR4qSKbOrufOvfU73jtZEWkbs2ZvZrKJZmJBsoiU%2BXxRkD8kGCmBEYpFho81JwpaVzwIMne8nW39UDnAQMCUdpJ25eyeNFq5N6AO9M"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8df4591d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame B9CF 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C14044&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=600&e=&g=cca614d7d96e6123a1b9c8d47ac06b38%2F15863518076120340699&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=196439%2C183975%2C14044&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=600&e=&g=cca614d7d96e6123a1b9c8d47ac06b38%2F15863518076120340699&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57630
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ahu%2FDvzvoBzvayVKbzAY7USJWDPxalOXZ12kgOgvju19mS4qtFN8GEyg0u%2Bq11fG5Hlb%2Blv2%2FKJHkD0LreC5c9neBDQGeZcjCmTrzC1xDg5z7SuWxY7lAmlo76znxFZnjNHf4RAXcDs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fe8cf3491d2-FRA
expires
Tue, 07 Feb 2023 10:22:37 GMT
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame B9CF 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C14044&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=600&e=&g=cca614d7d96e6123a1b9c8d47ac06b38%2F15863518076120340699&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2647001
cf-polished
qual=85, origFmt=jpeg, origSize=16723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mr2FS%2B07EQd1YbkGey4bm%2FXuwRU%2Fv0WqEcn1oiCe7yU%2B73iynL9P%2BMpMkIE0KIa8ezaxf4F7kyNKp0jDrWrcwGFVWljpE%2F%2BNM4y%2FAPLvMSDnxsYfomk5VZM1ewCMKMg%2BBmc2%2F%2F17ZGYfEAAY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8cd3d8fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
assets.ad4m.at/product_image/ Frame B9CF 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C14044&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=600&e=&g=cca614d7d96e6123a1b9c8d47ac06b38%2F15863518076120340699&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1527667
cf-polished
qual=85, origFmt=jpeg, origSize=72345
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44118
cf-bgj
imgq:85,h2pri
last-modified
Tue, 14 Jun 2022 09:41:24 GMT
server
cloudflare
etag
"ed6f7b3b1b04cd5f78cf354be09c981b"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8OS92iepoqX1IbpUpfNle%2B6XMC0rvnVgAi92EQGVdaoVwDX7KIqVb%2BTLHUAjra2q7OrT3gL2M7JfJQA22BayXPSx0dSD8UQ9t28rSo0VnQAcWaKrO7mAb3m0vn3ysVAfBTdxcHhulHSChVk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8ff6691d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
/
banner.congstar.de/cookie/ Frame B9CF
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJCor4KLg_0CFWTjuwgdSTQDwQ;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidQM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQroneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675761757_f69f04c1-a6c8-11ed-a8d1-22346ba814b1
0
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675761757_f69f04c1-a6c8-11ed-a8d1-22346ba814b1
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C14044&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=600&e=&g=cca614d7d96e6123a1b9c8d47ac06b38%2F15863518076120340699&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS
km36617.keymachine.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:37 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
0

Redirect headers

Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675761757_f69f04c1-a6c8-11ed-a8d1-22346ba814b1
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame B9CF 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C14044&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=600&e=&g=cca614d7d96e6123a1b9c8d47ac06b38%2F15863518076120340699&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2301417
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130162
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMhfih27oE%2BJKbPnFAB43wcZHWzc30p%2Be7ElUANpPpOWpKIil9Dxb021EQc3ishXc6BpLXFjO7IEBQ7wG5kWK3M%2FiJ%2FPqlYIRwK3lsduXrYlWtbiitauZAggfMRdnmr3fG8Ejc42tEPwNsGQ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8ff6791d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame B9CF 		461 KB
461 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C14044&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=600&e=&g=cca614d7d96e6123a1b9c8d47ac06b38%2F15863518076120340699&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1132455
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98w1Z%2FM4DucHN%2BRSqu7jxv3fyUtinQx2WzUS9OsJojwaV%2Fa%2FcQVqmxKIQRE78LUmvXiL2zCHZPZtJTwZzL7qfQTI0wcpuMPurgT1bEfoswFLzcyfSzlxmzW4ivmhiqP72TvS5TTRFkTMP4H4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8ff6891d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame B9CF 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C14044&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=600&e=&g=cca614d7d96e6123a1b9c8d47ac06b38%2F15863518076120340699&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0daf9721063a9c0431d4f2097dd6377d04f83ef93b3802832f1cceed3fd16ce2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1918277
cf-polished
origFmt=png, origSize=35453
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18872
cf-bgj
imgq:85,h2pri
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUrxb8BV31upJeVKVIZMaUtEt1G%2BhGX%2BylfLpiC1jFFq1HvDr4OpVQwrHgGPKmRbSI0RUJAxnz68fVIiJEDuDQ18KeekD%2BxLj6INmXll5pZj%2By%2BUmiTWiEhpy0y6%2B6jPT1u0DeWZfYsT70hz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8ff6991d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame B9CF 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C14044&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=600&e=&g=cca614d7d96e6123a1b9c8d47ac06b38%2F15863518076120340699&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
890687
cf-polished
qual=85, origFmt=jpeg, origSize=83479
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9260
cf-bgj
imgq:85,h2pri
last-modified
Mon, 29 Nov 2021 15:03:15 GMT
server
cloudflare
etag
"70d78c6b26d24e038cbf23832e1bb538"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4RSa8PgAH7%2BmiD0QOrFDq5uOTxtPqH84m%2BkXmUwGc5vMGc8C3%2Fdz9bvdJ0cv20NREj0rBRwW3qlokUwU8f%2FKvwDQdfx0YTfshNPPAXRh%2BY0zhsFt9uC50gnVEzMpZExiXqT%2BaD6R6U5A0fH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8ff6a91d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
cshow.php
www.awin1.com/ Frame B9CF 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneidpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1oneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C14044&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=600&e=&g=cca614d7d96e6123a1b9c8d47ac06b38%2F15863518076120340699&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.75.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-75-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame 1729 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz&c=300&d=50&e=&g=faf51af2a100adf3764cd428b692c95c%2F13791815436736438511&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757338&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geztzq7b84k05f5b2tpcm536ktrd9rxqn4tts10adm3kktsmh274ddkgjh2hzkxshx4p2811ktwz7p2b9q11tnw2dnt4n9ve3f1wpnrng81sbqhxj2vy25xd9p47dn2f4gxpkwvxz1gjx6dcg4xyxjym09qzbg0h0w09xxb2prk2cqe6gj9rbdgnna8x2qqrf1rqnfj5gf1b29r1vdta1rt1t486s9dbd2ha67sec3p759qzsze1zqnvacq17j9p41fxwsxc5v6e06r4fx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo7ZJWhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf79EiS92KMlZ7gWhZRxjPAsTgf5n8oykAU5Hnc4vRRWudzfvBqHSSN9ZY-AEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0eydoCOmNS9PMvixd6cclmJyvkNQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=196438&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz&c=300&d=50&e=&g=faf51af2a100adf3764cd428b692c95c%2F13791815436736438511&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757338&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geztzq7b84k05f5b2tpcm536ktrd9rxqn4tts10adm3kktsmh274ddkgjh2hzkxshx4p2811ktwz7p2b9q11tnw2dnt4n9ve3f1wpnrng81sbqhxj2vy25xd9p47dn2f4gxpkwvxz1gjx6dcg4xyxjym09qzbg0h0w09xxb2prk2cqe6gj9rbdgnna8x2qqrf1rqnfj5gf1b29r1vdta1rt1t486s9dbd2ha67sec3p759qzsze1zqnvacq17j9p41fxwsxc5v6e06r4fx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo7ZJWhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf79EiS92KMlZ7gWhZRxjPAsTgf5n8oykAU5Hnc4vRRWudzfvBqHSSN9ZY-AEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0eydoCOmNS9PMvixd6cclmJyvkNQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57630
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcUP0OtBv79Zv4Xu9JnJXD2xiXtIn%2BOT5C0rCSNf1w%2FvwcqQTJuaQacZDgfsLzAiwwNQodN22WvKd8R8XXDkg72VpBou%2BmMMC1Wa%2BfjBHEwT81RZ3KAqLpFfdGFXEJkzaxoPoEAa8bQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fe8cf3991d2-FRA
expires
Tue, 07 Feb 2023 10:22:37 GMT
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 1729 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz&c=300&d=50&e=&g=faf51af2a100adf3764cd428b692c95c%2F13791815436736438511&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757338&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geztzq7b84k05f5b2tpcm536ktrd9rxqn4tts10adm3kktsmh274ddkgjh2hzkxshx4p2811ktwz7p2b9q11tnw2dnt4n9ve3f1wpnrng81sbqhxj2vy25xd9p47dn2f4gxpkwvxz1gjx6dcg4xyxjym09qzbg0h0w09xxb2prk2cqe6gj9rbdgnna8x2qqrf1rqnfj5gf1b29r1vdta1rt1t486s9dbd2ha67sec3p759qzsze1zqnvacq17j9p41fxwsxc5v6e06r4fx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo7ZJWhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf79EiS92KMlZ7gWhZRxjPAsTgf5n8oykAU5Hnc4vRRWudzfvBqHSSN9ZY-AEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0eydoCOmNS9PMvixd6cclmJyvkNQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2647001
cf-polished
qual=85, origFmt=jpeg, origSize=16723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3pNFM2ZmXzWiVs87e4JCm%2Bf70Qf4RiuIMyxPiOgxm%2BHh0QMW24PAhXdsY5YQ9EHCloUO7vrJhyF0mQe8FlfNFhGLi4sI%2BH208kb17Qi9MdJnjVfPovdlKCKlGo%2FzOaqWjvmVpKify0s120R"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8cd3f8fd0-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
assets.ad4m.at/product_image/ Frame 1729 		317 KB
318 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz&c=300&d=50&e=&g=faf51af2a100adf3764cd428b692c95c%2F13791815436736438511&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757338&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geztzq7b84k05f5b2tpcm536ktrd9rxqn4tts10adm3kktsmh274ddkgjh2hzkxshx4p2811ktwz7p2b9q11tnw2dnt4n9ve3f1wpnrng81sbqhxj2vy25xd9p47dn2f4gxpkwvxz1gjx6dcg4xyxjym09qzbg0h0w09xxb2prk2cqe6gj9rbdgnna8x2qqrf1rqnfj5gf1b29r1vdta1rt1t486s9dbd2ha67sec3p759qzsze1zqnvacq17j9p41fxwsxc5v6e06r4fx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo7ZJWhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf79EiS92KMlZ7gWhZRxjPAsTgf5n8oykAU5Hnc4vRRWudzfvBqHSSN9ZY-AEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0eydoCOmNS9PMvixd6cclmJyvkNQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1082690
cf-polished
origFmt=png, origSize=451997
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
324760
cf-bgj
imgq:85,h2pri
last-modified
Tue, 14 Jun 2022 08:21:28 GMT
server
cloudflare
etag
"7dada3f3f6321a7ee4badc53b11da1f3"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qi2aZXO%2BS3aup%2BMUxQDXFTYddUmxUb8kLqY6Ee6RD4cS%2BgSit1XQ6l0A11l99IpJVS%2FJyEeGhf6tuiJttZvI7EEJMs154xMKnc9RZNuOFxwOiI8bycItlAmaCY034KQBVixg0mybVJxa7%2BGI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe90f7891d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
/
banner.congstar.de/cookie/ Frame 1729
Redirect Chain
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneid241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwVoneid__suite_Netmix_Reach14_AKTION&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675761757_f68a6b50-a6c8-11ed-acb0-22645d5ed731
0
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675761757_f68a6b50-a6c8-11ed-acb0-22645d5ed731
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438&b=241U6fqfj6xBsVHWHkt8tREbaxS7T7R6uwV&f=4QZHEf5fAYZ9CGH9HdtzCjWrtbSpTrgbCXz&c=300&d=50&e=&g=faf51af2a100adf3764cd428b692c95c%2F13791815436736438511&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757338&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1geztzq7b84k05f5b2tpcm536ktrd9rxqn4tts10adm3kktsmh274ddkgjh2hzkxshx4p2811ktwz7p2b9q11tnw2dnt4n9ve3f1wpnrng81sbqhxj2vy25xd9p47dn2f4gxpkwvxz1gjx6dcg4xyxjym09qzbg0h0w09xxb2prk2cqe6gj9rbdgnna8x2qqrf1rqnfj5gf1b29r1vdta1rt1t486s9dbd2ha67sec3p759qzsze1zqnvacq17j9p41fxwsxc5v6e06r4fx0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo7ZJWhjiY4nyGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUR3F3va2c2Py7PelKFpZtvY6K_Q537bblOOBN6QV4eScBQRsTQM4roMfNomGe-D6UJOJR8X3bIIhrQ8zCFOGZGoYg4MI36yeE3muW0vSfGId79nD9pT1bhy80zFnlq-YEa8JS5g2AYunltt88Og9JJZ6Z1LTLpAI6VZ2v7yNbZq-o1qfElMvYft_6-WQ9rKDjum2AW_hh4nzGTXp8-fw1d39wUTSr2k6KOCGb4jaCuvaqQAHQcHPt_BaUqzxo0wOMdhLUxNR2ZwNXtqguvW9j7GM4rKrvhWRjthAcTC552LUfLU-b7RdYnx4ssE-k2B5YLeCtIqvf79EiS92KMlZ7gWhZRxjPAsTgf5n8oykAU5Hnc4vRRWudzfvBqHSSN9ZY-AEAYAGobHOjY7U5c3kAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0eydoCOmNS9PMvixd6cclmJyvkNQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
87.118.116.9 , Germany, ASN31103 (KEYWEB-AS, DE),
Reverse DNS
km36617.keymachine.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:37 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1675761757_f68a6b50-a6c8-11ed-acb0-22645d5ed731
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
ad
v.lkqd.net/ Frame 8CFF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=17034828&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
3f2e7ed2419fd15df10aa7286b038bfd905310bc5c3097d078990e88eb3069d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:37 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml; charset=UTF-8
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1405
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame D681 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=9a934c8011023aaed3bcec722bc92fb2%2F4393075690616156216&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hb1c3yefm9956dv8av8yqna334dqtzg7j4dyxpszgpgwvncmrn4hc5xqecrn24kcgb8gvh6phyj8k1x6dg6merxmfxqnzkgwgm6w62xmy2cqfhj25hafhgd61yyz58w3jdj8m5vw6kjjvk85bd5tgegmkgtsjtmyn6ght9ss05pv52y9fahdz9kcj20yqyry9z5yem4rcmmmdq7qbwm6ar2zk9cdfqwm96d2pk7hae8zy8fxw770b7kcfb5db2pgzf3pre9h13j9p2f6qd64bdj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=9a934c8011023aaed3bcec722bc92fb2%2F4393075690616156216&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hb1c3yefm9956dv8av8yqna334dqtzg7j4dyxpszgpgwvncmrn4hc5xqecrn24kcgb8gvh6phyj8k1x6dg6merxmfxqnzkgwgm6w62xmy2cqfhj25hafhgd61yyz58w3jdj8m5vw6kjjvk85bd5tgegmkgtsjtmyn6ght9ss05pv52y9fahdz9kcj20yqyry9z5yem4rcmmmdq7qbwm6ar2zk9cdfqwm96d2pk7hae8zy8fxw770b7kcfb5db2pgzf3pre9h13j9p2f6qd64bdj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57630
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aELAUXTIjlwT5WU%2Bl%2FCvpnPYj6YVKmdCFUhwmRxk%2FY3HtIPdcUHStsusvgLCJrKN4wNhkuJV5oFG7Mu7BoBRyxNNdJQw8tHT9aL1EQLGE%2FV3EK2Il8l7gCMgWTYYcx1xD0S%2BW25Z0N4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fe8ef5391d2-FRA
expires
Tue, 07 Feb 2023 10:22:37 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame D681 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=9a934c8011023aaed3bcec722bc92fb2%2F4393075690616156216&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hb1c3yefm9956dv8av8yqna334dqtzg7j4dyxpszgpgwvncmrn4hc5xqecrn24kcgb8gvh6phyj8k1x6dg6merxmfxqnzkgwgm6w62xmy2cqfhj25hafhgd61yyz58w3jdj8m5vw6kjjvk85bd5tgegmkgtsjtmyn6ght9ss05pv52y9fahdz9kcj20yqyry9z5yem4rcmmmdq7qbwm6ar2zk9cdfqwm96d2pk7hae8zy8fxw770b7kcfb5db2pgzf3pre9h13j9p2f6qd64bdj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1085144
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mIK%2BPyoC0%2Bwi42D%2BsRr0f7I0t0dogESYI7su42Tl50PAEHF8CVvdg3GLPwSgWX0FBf4Gv7Mmk7MkLKnPr0oHkJPNQ8oiboFZCEtmhBs2fgLZVPFozS5W9FuJvy4boPU%2BMR7L3sGO00DhqcBZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8ef5491d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame D681 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=9a934c8011023aaed3bcec722bc92fb2%2F4393075690616156216&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hb1c3yefm9956dv8av8yqna334dqtzg7j4dyxpszgpgwvncmrn4hc5xqecrn24kcgb8gvh6phyj8k1x6dg6merxmfxqnzkgwgm6w62xmy2cqfhj25hafhgd61yyz58w3jdj8m5vw6kjjvk85bd5tgegmkgtsjtmyn6ght9ss05pv52y9fahdz9kcj20yqyry9z5yem4rcmmmdq7qbwm6ar2zk9cdfqwm96d2pk7hae8zy8fxw770b7kcfb5db2pgzf3pre9h13j9p2f6qd64bdj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1918280
cf-polished
qual=85, origFmt=jpeg, origSize=132437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C25WMnsAezj7UGukhPrLJTrGkNj54UIeBW8iQfo2kpyMJigzUIXBPpX0343GyIFat8dPL2Lahci9sOGYoPCANjtax8EdzuBzknezPOV4lTaoaLrIB%2FlGvOiXa6Kjr%2FQOvPNVNQCoC1ez5CgA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe91f8091d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
/
partner.o2online.de/a/ Frame D681
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CJqvr4KLg_0CFd6g_QcdllMO2Q;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023020710223881356755539X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023020710223881356755539X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020710223881356755539X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=9a934c8011023aaed3bcec722bc92fb2%2F4393075690616156216&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hb1c3yefm9956dv8av8yqna334dqtzg7j4dyxpszgpgwvncmrn4hc5xqecrn24kcgb8gvh6phyj8k1x6dg6merxmfxqnzkgwgm6w62xmy2cqfhj25hafhgd61yyz58w3jdj8m5vw6kjjvk85bd5tgegmkgtsjtmyn6ght9ss05pv52y9fahdz9kcj20yqyry9z5yem4rcmmmdq7qbwm6ar2zk9cdfqwm96d2pk7hae8zy8fxw770b7kcfb5db2pgzf3pre9h13j9p2f6qd64bdj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:38 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023020710223881356755539X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020710223881356755539X120211V1226132702MSviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=120211&partnerid=12218
date
Tue, 07 Feb 2023 09:22:38 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame D681 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=9a934c8011023aaed3bcec722bc92fb2%2F4393075690616156216&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hb1c3yefm9956dv8av8yqna334dqtzg7j4dyxpszgpgwvncmrn4hc5xqecrn24kcgb8gvh6phyj8k1x6dg6merxmfxqnzkgwgm6w62xmy2cqfhj25hafhgd61yyz58w3jdj8m5vw6kjjvk85bd5tgegmkgtsjtmyn6ght9ss05pv52y9fahdz9kcj20yqyry9z5yem4rcmmmdq7qbwm6ar2zk9cdfqwm96d2pk7hae8zy8fxw770b7kcfb5db2pgzf3pre9h13j9p2f6qd64bdj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1605269
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ss4Bzx7QYaOm8zqPLcywR1sy6JkBEGFOsq8sKW6Y8lA%2BIwiM8es7JiY4fhGzX2TiO32Cwzzvb8sGM%2B4e998dLkaJTQ%2FHuUjeM%2FV8FMM5GxRBfeRNsBvnl1rSBaVN1sAORqkJZezc0Kf69MDd"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe91f8191d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame D681 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=9a934c8011023aaed3bcec722bc92fb2%2F4393075690616156216&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hb1c3yefm9956dv8av8yqna334dqtzg7j4dyxpszgpgwvncmrn4hc5xqecrn24kcgb8gvh6phyj8k1x6dg6merxmfxqnzkgwgm6w62xmy2cqfhj25hafhgd61yyz58w3jdj8m5vw6kjjvk85bd5tgegmkgtsjtmyn6ght9ss05pv52y9fahdz9kcj20yqyry9z5yem4rcmmmdq7qbwm6ar2zk9cdfqwm96d2pk7hae8zy8fxw770b7kcfb5db2pgzf3pre9h13j9p2f6qd64bdj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46641
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYnrDV5bk4tjBAz6TN4%2FHqkwjrWZLwDN%2BikPJIxtOrRG8bToIfsX6DXKC4DlZKNyv2DZV%2BKRtELDWLrxD3CmYDx0xktWizkXuRdCCU%2BRutxueqflg590L1PcDeqIXw84sFm1w57X7yHbvZ%2Fh"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe91f8291d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
ztpv.php
www.conrad.de/ Frame D681
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f68fe990-a6c8-11ed-ab4b-226222ea62e0&insert=AW&&gdpr=0&gdpr_consent=
0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f68fe990-a6c8-11ed-ab4b-226222ea62e0&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=9a934c8011023aaed3bcec722bc92fb2%2F4393075690616156216&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hb1c3yefm9956dv8av8yqna334dqtzg7j4dyxpszgpgwvncmrn4hc5xqecrn24kcgb8gvh6phyj8k1x6dg6merxmfxqnzkgwgm6w62xmy2cqfhj25hafhgd61yyz58w3jdj8m5vw6kjjvk85bd5tgegmkgtsjtmyn6ght9ss05pv52y9fahdz9kcj20yqyry9z5yem4rcmmmdq7qbwm6ar2zk9cdfqwm96d2pk7hae8zy8fxw770b7kcfb5db2pgzf3pre9h13j9p2f6qd64bdj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:38 GMT
via
1.1 additional-webserver-blue-n1lg (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
492706829
content-type
text/html; charset=UTF-8
cache-control
no-cache
server-timing
intid;desc=128d1794afb5d2dd
cf-ray
795b0feb398c3609-FRA
expires
-1

Redirect headers

Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f68fe990-a6c8-11ed-ab4b-226222ea62e0&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame D681 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=9a934c8011023aaed3bcec722bc92fb2%2F4393075690616156216&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hb1c3yefm9956dv8av8yqna334dqtzg7j4dyxpszgpgwvncmrn4hc5xqecrn24kcgb8gvh6phyj8k1x6dg6merxmfxqnzkgwgm6w62xmy2cqfhj25hafhgd61yyz58w3jdj8m5vw6kjjvk85bd5tgegmkgtsjtmyn6ght9ss05pv52y9fahdz9kcj20yqyry9z5yem4rcmmmdq7qbwm6ar2zk9cdfqwm96d2pk7hae8zy8fxw770b7kcfb5db2pgzf3pre9h13j9p2f6qd64bdj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1781290
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVSORZEINatx4sp%2FWlfiGjVtjNjOto6DlSYxcyhzknl3hEaCPyIUsOgmgQ08I%2BJVhCGdLHq2wSWWoDOK6h9iQFoQmYtRfYOkJXswCIzLII4cZ79Xvpr35SkbsPH5zYtNnzpulsTIgRs036zg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe91f8391d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame D681 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=9a934c8011023aaed3bcec722bc92fb2%2F4393075690616156216&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hb1c3yefm9956dv8av8yqna334dqtzg7j4dyxpszgpgwvncmrn4hc5xqecrn24kcgb8gvh6phyj8k1x6dg6merxmfxqnzkgwgm6w62xmy2cqfhj25hafhgd61yyz58w3jdj8m5vw6kjjvk85bd5tgegmkgtsjtmyn6ght9ss05pv52y9fahdz9kcj20yqyry9z5yem4rcmmmdq7qbwm6ar2zk9cdfqwm96d2pk7hae8zy8fxw770b7kcfb5db2pgzf3pre9h13j9p2f6qd64bdj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1084790
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyCBtwwsRz8iBXv9nArbHiBvU5DgeYa9NuhW0fdLhUIe5S1RgfRwqnHTbaSK5uoV0uiWxzT3mLEsgydJ7e4PQ7QMYcoY1b20DNMdKZHMa8z2OUTaSCrkzY334rNZU0cVSBb0NsfXw%2B7s34gl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe91f8491d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
cshow.php
www.awin1.com/ Frame D681 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=9a934c8011023aaed3bcec722bc92fb2%2F4393075690616156216&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757368&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hb1c3yefm9956dv8av8yqna334dqtzg7j4dyxpszgpgwvncmrn4hc5xqecrn24kcgb8gvh6phyj8k1x6dg6merxmfxqnzkgwgm6w62xmy2cqfhj25hafhgd61yyz58w3jdj8m5vw6kjjvk85bd5tgegmkgtsjtmyn6ght9ss05pv52y9fahdz9kcj20yqyry9z5yem4rcmmmdq7qbwm6ar2zk9cdfqwm96d2pk7hae8zy8fxw770b7kcfb5db2pgzf3pre9h13j9p2f6qd64bdj%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC7bckWhjiY-jrGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSmAk_QC1ttJzPUwWUWyxswqXj1qxI2d_M22ay7znsBFLMZNIUnMyXaPVzBcpPxCLlGW9Zn7O0JN-kXXJyhtTxhQmq75338WfHQXZxIpSzceXn92ThRdiXLT6aDBx0SFVT1HzMPl6Mq4TzJMoPGqa1o9YsqnRZyteorDU-IRmy1ipEnP75O-atW-LHZV-moOysc-fD0WRKUDfosYRuH2jKrR2Vn95sJw084yIpC9NnA_ApKVaFs-_lwUryMYMyqBgbk1QIGih37JLVwuEzhQ80jVxmW893-XJD0j_DI-BTahBzC_3EYAXzAQFi1-H7gdOv3RYc7M5rEiqfzpG9QjfvM0y58cV9L5aaEQyqYyKjs47gQWAC0IOLPjjQblOZ4gjHKyNui9rXtTOAEAYAGueqywdfTjrq-AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0COZxL-TQav8WrJeYix-RTthkQ5g%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.75.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-75-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame 4348 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=160&d=600&e=&g=2aaddd651aa00f888982e71fe970275c%2F12755215677127775712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757339&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=160&d=600&e=&g=2aaddd651aa00f888982e71fe970275c%2F12755215677127775712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757339&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57630
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2nEJbsS%2BDG7JNPYBq8Nj35CzlodQhsI8Xu8cZnf34kL1XoGxEIKFZEvBwWu6TgoibCVmxRoX2UYCNk9vag1I4RGali6SqtZ%2FGcnoF6pG%2FhqM%2Fj1dUnJTT4ChBQqR9oClg92B1vExLU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fe8ff6391d2-FRA
expires
Tue, 07 Feb 2023 10:22:37 GMT
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 4348 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=160&d=600&e=&g=2aaddd651aa00f888982e71fe970275c%2F12755215677127775712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757339&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1605269
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHv5xTBCwTdiHWFBapUcWCYSyQsUEhyqI2a4srSe2skvvk6v4Gpurh3E2je2ThNoJju3DRPQXpO%2BcbNXxuIho9X%2BACBujaD2aGcC9s4FrVumiOd5TTegMQoyVwlAjBfy85OHfsXln70R2uy5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8ff6591d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 4348 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=160&d=600&e=&g=2aaddd651aa00f888982e71fe970275c%2F12755215677127775712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757339&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46641
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5RNW93QSLDibAIGUAkGORTQyId3cwa%2BHYt%2BEmX3EimocKjgjRJkI7nN1rEQhPI%2FrLBZiexB1GAoy2dVWgaqCRc0Xbp6Y%2By9cRJPU7NdqKB9hY5mwhUJyMMM9eNgDPB4SlTuHC8CX14I9PbG"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe91f8591d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
ztpv.php
www.conrad.de/ Frame 4348
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f696c760-a6c8-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f696c760-a6c8-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=160&d=600&e=&g=2aaddd651aa00f888982e71fe970275c%2F12755215677127775712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757339&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
via
1.1 additional-webserver-blue-n1lg (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
470584466
content-type
text/html; charset=UTF-8
cache-control
no-cache
server-timing
intid;desc=bbabd1de2ad8e5df
cf-ray
795b0feb499f3609-FRA
expires
-1

Redirect headers

Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f696c760-a6c8-11ed-9a3d-2232032dcacf&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 4348 		127 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=160&d=600&e=&g=2aaddd651aa00f888982e71fe970275c%2F12755215677127775712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757339&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2301417
cf-polished
origFmt=png, origSize=233620
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130162
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfedkY%2FqWUWC%2Bv0jkJ1QFxRxYABGHOYY4iovwu25KZE5gty156tYewVqPCnUGE9lpxukrlNmZK%2FquT9gNwLAAkTPoMgQL922CWH1CyiE3IGkYK%2BLAd79uIYjjGhcTi5CZpWpwMRZl2J5WckB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe91f8791d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 4348 		461 KB
461 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=160&d=600&e=&g=2aaddd651aa00f888982e71fe970275c%2F12755215677127775712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757339&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1132455
cf-polished
origFmt=png, origSize=731561
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
471752
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhwrwNt1jUXQDZ5QFXWWMh0tUo8BeC0ePT289EfpadjZoH3ZCdFE7c0Ffzxc6G1d3nXN1kMVhuhWmWrOcKpzSLnH1iRitCpfNljB9hWzylrDVdKi%2B%2FBSzJlBi0HcmfGVSE7td7dnNh7q1cFw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe91f8891d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
assets.ad4m.at/logo/ Frame 4348 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/32F23C7559EE7EB10B0612EC54855DCC534784F93890DD11CBD844681DEF4739C06EF675715F3D3A7EA93E8627400F67EC439A270FF5E659B22B480C0A0343DC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=160&d=600&e=&g=2aaddd651aa00f888982e71fe970275c%2F12755215677127775712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757339&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1782855
cf-polished
origFmt=png, origSize=85233
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54280
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:18:26 GMT
server
cloudflare
etag
"0bc184d99872986e7c36d6945f607e59"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8B39XQ4%2B5dhu0ZxBCUyRvDMZ3TQ0tosUMupuZpGSNICjAO9ErFEaEYDrdT33VFQ4SDf37N0K7pXb6FG4pVkJHtwbjIOQ85AbmfL%2BkKaGzHBYbmYAFNcua6b8K7SNI4z%2F4BsZLF1JCPW%2Bhg0O"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe91f8991d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
assets.ad4m.at/product_image/ Frame 4348 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/831D0FE32B145B761077CFC592BD206C2CE087B565208A08CBD98E3B38F09AC68B46D6E1256C993416DA9EF02099D633246555FC17762F3E215B6156D6F4C095
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=160&d=600&e=&g=2aaddd651aa00f888982e71fe970275c%2F12755215677127775712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757339&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
984104
cf-polished
origFmt=png, origSize=311499
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
197460
cf-bgj
imgq:85,h2pri
last-modified
Wed, 16 Nov 2022 17:45:43 GMT
server
cloudflare
etag
"3e47fe2e828ecba46fd7e6ae452966ae"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3wrbXFydaGOE2EQRnX8egVBNrnIj9pyCxBtOaXd9rkVv%2FE%2BJZEwQUhO6z6Ai5BYm27gMtvGNtWOCKLHK%2B6X5hjwLnyVJnu7MFSo7RxNUyZgGFrQFuxDnw0rgJr%2FD0g8AIUL0WecOkiguiIM"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe91f8a91d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
default.css
as.ad4m.at/ad/style/0.1.32/one-ad/ Frame 23B7 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.32/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C14019%2C117569&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=970&d=90&e=&g=7a6057afdd8125553e67a2079e020180%2F10502505646532520483&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6t5n1whyt6y1ts9p9qwb7gt3pyn93gbc436rczw1jgc9t5dzamz71p21vazme2an7r397gndjjbzsq99z98jpcyw6da0mdemnsfzyrrjw66jrdrpm0scverjrcpk6fnewp5fs7w0v0m1kwhrpzkn6bsytxq8xvj26qzpms2v2wnddzcqkg6aahd7mdqkegfre2dq69mr2edbytasazvwrgb3rc41yhr37kqrv6njm395hv14jgxy17cz3tdaysc8r646ex0vk76h32drdvk838%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19458%2C14019%2C117569&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=970&d=90&e=&g=7a6057afdd8125553e67a2079e020180%2F10502505646532520483&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6t5n1whyt6y1ts9p9qwb7gt3pyn93gbc436rczw1jgc9t5dzamz71p21vazme2an7r397gndjjbzsq99z98jpcyw6da0mdemnsfzyrrjw66jrdrpm0scverjrcpk6fnewp5fs7w0v0m1kwhrpzkn6bsytxq8xvj26qzpms2v2wnddzcqkg6aahd7mdqkegfre2dq69mr2edbytasazvwrgb3rc41yhr37kqrv6njm395hv14jgxy17cz3tdaysc8r646ex0vk76h32drdvk838%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1675703448
age
57630
cf-polished
origSize=96968
x-guploader-uploadid
ADPycduPG0ehavgNXUZc4uWv8t9nqjL7klmDMVArKM3FUMQcYy3CEqwYioizGOQCZunQIkti-AOvypQXHfSu3yVsliqx2ru4ljKH
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 06 Feb 2023 17:11:25 GMT
server
cloudflare
etag
W/"6110dc3a24c902508647a582294bcc25"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1675703485718192
content-type
text/css
x-goog-hash
crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzXBTHrT2Yd96mQSoN7RToxDGe3uI6bPASoDPCKK7PuJVtDs2XZl2UdAEd1K7H1Gxp4ohYjwRMXk6kAuElp4Dhc%2F41vnVdtlGRXn2NfrlBu8xScOqmmtA9dIQGPe8afrjVkZPkLkMV8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
96968
cf-ray
795b0fe8ff7491d2-FRA
expires
Tue, 07 Feb 2023 10:22:37 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 23B7 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C14019%2C117569&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=970&d=90&e=&g=7a6057afdd8125553e67a2079e020180%2F10502505646532520483&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6t5n1whyt6y1ts9p9qwb7gt3pyn93gbc436rczw1jgc9t5dzamz71p21vazme2an7r397gndjjbzsq99z98jpcyw6da0mdemnsfzyrrjw66jrdrpm0scverjrcpk6fnewp5fs7w0v0m1kwhrpzkn6bsytxq8xvj26qzpms2v2wnddzcqkg6aahd7mdqkegfre2dq69mr2edbytasazvwrgb3rc41yhr37kqrv6njm395hv14jgxy17cz3tdaysc8r646ex0vk76h32drdvk838%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1085144
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NpYUpWtE5fX8jaV%2B9UhGIJ9tJeHiD6y6Q4vMyYuoYYJMOKaSDY6EOUfwvQJJ9smnzeeRCGezmG8mBrmOuMGjbXt9ncOdKwGKsyBnn2J5uY2pHyI%2B7LX0Sli32YEXf3hGv8I0NGv2jojzJWR"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe8ff7591d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
1D53E9CF3821E81F5644C8C6FD10FC3C1E53F2F21748B14D50333BD8E08058E50BE70BEE9D071C4FD38992D3B57467DAA70308BF0B8E9E5A740263D0F5C9EE6D
assets.ad4m.at/product_image/ Frame 23B7 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1D53E9CF3821E81F5644C8C6FD10FC3C1E53F2F21748B14D50333BD8E08058E50BE70BEE9D071C4FD38992D3B57467DAA70308BF0B8E9E5A740263D0F5C9EE6D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C14019%2C117569&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=970&d=90&e=&g=7a6057afdd8125553e67a2079e020180%2F10502505646532520483&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6t5n1whyt6y1ts9p9qwb7gt3pyn93gbc436rczw1jgc9t5dzamz71p21vazme2an7r397gndjjbzsq99z98jpcyw6da0mdemnsfzyrrjw66jrdrpm0scverjrcpk6fnewp5fs7w0v0m1kwhrpzkn6bsytxq8xvj26qzpms2v2wnddzcqkg6aahd7mdqkegfre2dq69mr2edbytasazvwrgb3rc41yhr37kqrv6njm395hv14jgxy17cz3tdaysc8r646ex0vk76h32drdvk838%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea39dba2b498dfe4e18255e241acf246f9229c8deb54e5b2530cadb51a25bd58

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2558498
cf-polished
qual=85, origFmt=jpeg, origSize=60655
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21982
cf-bgj
imgq:85,h2pri
last-modified
Fri, 11 Dec 2020 13:58:13 GMT
server
cloudflare
etag
"39d52f1648dac315ebcc9c4fa4ed5728"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZeIfnqOqatQPvNqDNIyyRsOhuzMK9MY641dIFZQEnSGsZhFTJgEyU1JIxqihZaC1HnxtA0eLeIP9pxgGN8XpR3cu3V9pxpEiC8hbYz050unC9LBwlJC9QY3vOLwZ2K19EWmR93DxjA2gDz9"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe93f9891d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
/
partner.o2online.de/a/ Frame 23B7
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLKur4KLg_0CFW6Z_QcdsQYFEA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023020710223881356755533X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023020710223881356755533X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020710223881356755533X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C14019%2C117569&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=970&d=90&e=&g=7a6057afdd8125553e67a2079e020180%2F10502505646532520483&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6t5n1whyt6y1ts9p9qwb7gt3pyn93gbc436rczw1jgc9t5dzamz71p21vazme2an7r397gndjjbzsq99z98jpcyw6da0mdemnsfzyrrjw66jrdrpm0scverjrcpk6fnewp5fs7w0v0m1kwhrpzkn6bsytxq8xvj26qzpms2v2wnddzcqkg6aahd7mdqkegfre2dq69mr2edbytasazvwrgb3rc41yhr37kqrv6njm395hv14jgxy17cz3tdaysc8r646ex0vk76h32drdvk838%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:38 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2023020710223881356755533X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2023020710223881356755533X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218
date
Tue, 07 Feb 2023 09:22:38 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 23B7 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C14019%2C117569&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=970&d=90&e=&g=7a6057afdd8125553e67a2079e020180%2F10502505646532520483&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6t5n1whyt6y1ts9p9qwb7gt3pyn93gbc436rczw1jgc9t5dzamz71p21vazme2an7r397gndjjbzsq99z98jpcyw6da0mdemnsfzyrrjw66jrdrpm0scverjrcpk6fnewp5fs7w0v0m1kwhrpzkn6bsytxq8xvj26qzpms2v2wnddzcqkg6aahd7mdqkegfre2dq69mr2edbytasazvwrgb3rc41yhr37kqrv6njm395hv14jgxy17cz3tdaysc8r646ex0vk76h32drdvk838%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1605269
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubG6A1dQUgUCdz78EZHsBCMKj7%2F3al%2Bl8b8b4cEDwcxRtfJlcn9ZwOsMjRxcQhxgUMOp7tJffiL4mY0gImGoq%2FZgYpIHvbYds%2F6QaZr%2FtD%2BTmVDK%2FtW9ooLIlbSOPzpNnOJsMkEMl2GRz6tf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe93f9991d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 23B7 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C14019%2C117569&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=970&d=90&e=&g=7a6057afdd8125553e67a2079e020180%2F10502505646532520483&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6t5n1whyt6y1ts9p9qwb7gt3pyn93gbc436rczw1jgc9t5dzamz71p21vazme2an7r397gndjjbzsq99z98jpcyw6da0mdemnsfzyrrjw66jrdrpm0scverjrcpk6fnewp5fs7w0v0m1kwhrpzkn6bsytxq8xvj26qzpms2v2wnddzcqkg6aahd7mdqkegfre2dq69mr2edbytasazvwrgb3rc41yhr37kqrv6njm395hv14jgxy17cz3tdaysc8r646ex0vk76h32drdvk838%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46641
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBlTsewiiLDb1QNNEDulH1zA5uCDvrgJ4DyqmjGvmp6AND%2FCCC4JWNt1LWXY%2FbvnkDYnBFFmaCAxl3kThP16nnN1mi4t%2FHkchRbBAOkGmnfHGg8JTJh7qY0MSLILAWow4xEq%2FJk%2FucoO4f1U"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe93f9a91d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
ztpv.php
www.conrad.de/ Frame 23B7
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f6971580-a6c8-11ed-acb0-22645d5ed731&insert=AW&&gdpr=0&gdpr_consent=
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f6971580-a6c8-11ed-acb0-22645d5ed731&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C14019%2C117569&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=970&d=90&e=&g=7a6057afdd8125553e67a2079e020180%2F10502505646532520483&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6t5n1whyt6y1ts9p9qwb7gt3pyn93gbc436rczw1jgc9t5dzamz71p21vazme2an7r397gndjjbzsq99z98jpcyw6da0mdemnsfzyrrjw66jrdrpm0scverjrcpk6fnewp5fs7w0v0m1kwhrpzkn6bsytxq8xvj26qzpms2v2wnddzcqkg6aahd7mdqkegfre2dq69mr2edbytasazvwrgb3rc41yhr37kqrv6njm395hv14jgxy17cz3tdaysc8r646ex0vk76h32drdvk838%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:38 GMT
via
1.1 additional-webserver-blue-n1lg (Varnish/7.2)
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000
age
0
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish
492706831
content-type
text/html; charset=UTF-8
cache-control
no-cache
server-timing
intid;desc=020eba45d2019749
cf-ray
795b0feb59c23609-FRA
expires
-1

Redirect headers

Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1675761757_f6971580-a6c8-11ed-acb0-22645d5ed731&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame 23B7 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C14019%2C117569&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=970&d=90&e=&g=7a6057afdd8125553e67a2079e020180%2F10502505646532520483&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6t5n1whyt6y1ts9p9qwb7gt3pyn93gbc436rczw1jgc9t5dzamz71p21vazme2an7r397gndjjbzsq99z98jpcyw6da0mdemnsfzyrrjw66jrdrpm0scverjrcpk6fnewp5fs7w0v0m1kwhrpzkn6bsytxq8xvj26qzpms2v2wnddzcqkg6aahd7mdqkegfre2dq69mr2edbytasazvwrgb3rc41yhr37kqrv6njm395hv14jgxy17cz3tdaysc8r646ex0vk76h32drdvk838%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1781290
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adTaoOV4FbhgH6eQZmaD5xUWoZm81v5r%2FMIcv0wAyBtop2KZ0ZWk7B48iTjHL1K4NnHbOAjbncTwkTeyRwMuv9QfbG10irvoxrtURAhyWq995CM9jh6Bc1jDMnm7PkHf2vS5gzQDDdreDr4a"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe93f9b91d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame 23B7 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C14019%2C117569&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=970&d=90&e=&g=7a6057afdd8125553e67a2079e020180%2F10502505646532520483&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6t5n1whyt6y1ts9p9qwb7gt3pyn93gbc436rczw1jgc9t5dzamz71p21vazme2an7r397gndjjbzsq99z98jpcyw6da0mdemnsfzyrrjw66jrdrpm0scverjrcpk6fnewp5fs7w0v0m1kwhrpzkn6bsytxq8xvj26qzpms2v2wnddzcqkg6aahd7mdqkegfre2dq69mr2edbytasazvwrgb3rc41yhr37kqrv6njm395hv14jgxy17cz3tdaysc8r646ex0vk76h32drdvk838%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1084790
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QPZIK2p8QhVhBBI0cGll4b0ZxFcjCmCUsOlyJB5D6yWtWAa88bd%2FLbOjbaf%2FqAInw6QWpSnR63dRTZUpmx4Z1FYfsbI3Gp8OE2s67SZ5UusWnSSB4ZvcFUBXCEf6ODAIrT6xoVTdOry4B8%2FY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
795b0fe93f9c91d2-FRA
expires
Wed, 08 Feb 2023 09:22:37 GMT
cshow.php
www.awin1.com/ Frame 23B7 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458%2C14019%2C117569&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=970&d=90&e=&g=7a6057afdd8125553e67a2079e020180%2F10502505646532520483&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g6t5n1whyt6y1ts9p9qwb7gt3pyn93gbc436rczw1jgc9t5dzamz71p21vazme2an7r397gndjjbzsq99z98jpcyw6da0mdemnsfzyrrjw66jrdrpm0scverjrcpk6fnewp5fs7w0v0m1kwhrpzkn6bsytxq8xvj26qzpms2v2wnddzcqkg6aahd7mdqkegfre2dq69mr2edbytasazvwrgb3rc41yhr37kqrv6njm395hv14jgxy17cz3tdaysc8r646ex0vk76h32drdvk838%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCF246WhjiY8DkGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSnAk_QUM7dV4Znh1ibe4f2wVqgsWJZTYQNLsU1Q0WcF4OrKIsD1aQeTjBfc_blI1399gxbKjcxL4_0HvALGQ9-VsvzR8HoNUMWZfaK3JdibLHlEnFvBAOYgjLw14OnIJWk4YbaoFQD8z25H7kYXciszcdqHGQSuqFodz00uC2NE2E2c-6zvW_B8Qjf88UJq01RJIGS7sjqm6r2o9B41ZH3O2UhAtF2xkEnF3LitZjOeqNHaQ7yp73PPHqyjLd4eFDx3IsQcpsR7H4ZfslaeQDIQkr4EBC7oZin-3ap23yRc4uqXGXYgMAtUW1GWQCXtPauw66cW9rM5c1Ben5ExCakSc4Pcj2EathFWdj3EqcFpyH0Oq4Rw0mT16qdZmFbJTmRjzE1WEH6Z97gBAGABoGV2N-QofbviAGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2C64QBHFFUlgCUwWfLGbrvczWebQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.100.75.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-100-75-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:37 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
link.html
track.webgains.com/ Frame 631B 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kd6tk40bdx9zp48pvgaymw5ytysc3fpv0j1et1y5x8xcgnwc7wdayt7rxrpryj43v3ays9tpy924ecage4ccm23e9apmdy2nc8j15z4dw1atbfh1gg013n0gc7pqy5anws7nktvydn935xntfkyr9y5azr4gqcr61sdbq00ty1z0ba7fcw89bqag2h033zdrkyr41tr34wakcsatq47cn961bf6keqdmg4qmj7r28qjd87k6150edw1d0c8f0afvaks6%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%252526client%25253Dca-pub-8745593945608202%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C197862%2C14019&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=160&d=600&e=&g=fd283886dca4824330395e70faa90899%2F16122513429563864489&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675761757363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.165.36 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-165-36.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
0da9d3b733e8191902e115d986885acbbcf2af76383dc5baeec2d1cb307b971c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
last-modified
Tue, 07 Feb 2023 09:22:37 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 07 Feb 2023 09:23:37 GMT
link.html
track.webgains.com/ Frame 8D92 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h3fvf379v41bdey6xgndsg29m05bds2a6k299zwav71eyky1zheepbqbavy3640wmejv4w807tha6fdccnfj9yhz2ggptdkq5ma2btnv5gb8y51g7b56zjz847r9fk5vqh682fh51xhm5m93k6qrepqqr9vrvpdxmasce2yd31jk5ajfefypagzbqx9am6hdkht12ap4wzqs7fy4eazqz8pss08s0mc40q7tqhynm9zrttm3y4ed6wxah5ks3ta3r2g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%252526client%25253Dca-pub-8745593945608202%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.165.36 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-165-36.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
b8986469f0558c8618ff937c0bfde6ee507e5a4d80a5a3c6a06fecc96bb06bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
last-modified
Tue, 07 Feb 2023 09:22:37 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 07 Feb 2023 09:23:37 GMT
link.html
track.webgains.com/ Frame B9CF 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jwqzvengxct0h7senzfwweq8xrqxr2zd12em1bwdaydzt6pbtzeg97vpft2rdf7e6gydse4cqc4yq8ysnbs4pv478vkktnn5e1w3xsvn0pkpetm9y7y9htchdpzyebkdnsha62edyz8shf2rxq7esjfgy51797a443e85mqmdse8m5nzjy6xdd661m3mazbmhkyj1rp7dk26mn9ynrtr4pgzcet5vbvm7encxh856hbrxb972fbf6x7ewt1q0crv91y8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%252526client%25253Dca-pub-8745593945608202%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C14044&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=600&e=&g=cca614d7d96e6123a1b9c8d47ac06b38%2F15863518076120340699&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.165.36 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-165-36.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
fc219c9605747cfca9d55768ad5d97f6f5b76517166dc85bb2cedbfc22b2aa89

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
last-modified
Tue, 07 Feb 2023 09:22:37 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 07 Feb 2023 09:23:37 GMT
link.html
track.webgains.com/ Frame 8D92 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jsbfz3b255ex2yp7smm7yfqatd6t4vne25qrdpgm2jvn671wws42whmfpz4x0vqdqvqvhkzq0s6wb2n4y2t6jwgya8ed3madvf0nsq8fh6jtkmay4txk4t98zsfg0kxxwcwfwk0ttazas12t91w0htp7h9myckeav97vmc5f3scwzh61afpzg59b96bddcw3c1fktsgq956ddjhe2ejtn2bxgjnvk8rnserc7zwh54h5bxv0cmq3peff0fbphmxgr9a6%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%252526client%25253Dca-pub-8745593945608202%252526adurl%25253D&clickref=oneidQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcVoneid__dc_reach_suite02wkz&viewref=oneidRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7oneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.165.36 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-165-36.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
0c1a7d249876c734451f6342b725f22cd9ba732fcda22ace0f1a8aada0b191f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
last-modified
Tue, 07 Feb 2023 09:22:37 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 07 Feb 2023 09:23:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DDF0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1it9Qd8x9UNf13Fv_YDphOE4ZOWWQ5XdPgO4_QxXP4BN8GTsdBjPP8NFPstHyrOKunCHy5DviR2tyaZ361fTVTEXg4zyewMsoG53wXAUXLUa_ANYU-thWlgXGtZ1YDbkUclikkbXrJuwddiVXc98EBoqdqOgYKJbpo_MUBWTwTYrS5YoydJ500TLTMh65HKdhDJuCPN6DSpBPwKNzF_waiSRLqNA2mTpyZiCLsm0uNhfSq9I6LizR5kTZ0PPjF0Li1fgIOAduk8_Gj2gkCowTM8lJaOFs5rW7KHnsU1gyKZlr38NqUxj5b2biJzbCCPLAJ-ithWeAkCZzaWhJ1FN9B_0TbVo2_sBu-uWTzEHFDz0SZBltHmfwVOFcs7wYzw0tSZbMBmTu3dGLAO7AFth-6dvaECKuyMLe3Ab-DdW9goKYRaYUjHz8LW8FnnJweSZENX7OAQvMhPpf6k0irNCerbNkzju143_i4TDML_EckcvBXdSdG_1kscohrycRC3YP4JhLLM1E6v4lPIBsBFWygpTNcV5mvmI2SXX4u7LE7LDbEgN9BZwZ89Hzk4jOJr0gLriV-Xbvpkw2GMPjiiG55pFeCLN0mq0Tu5VEogAtOeLugn1aHk8V6i2eDzZx2O3Rw9VXnEd19-7q9gdoytan2zl2alNTAi4aM2e1WCHYcMiDLrElC4oIgbyC6ajSzhpddK-tdqnzuSf82YLixxb3caPgVhEFwA6jHDCmkPkMFezVA-XbrwgziEbFKhlXL3A6RQYxww_7UMZCoMNhAPne4r5lWFWzYDKytWlKVxFiWS2NJ7OOTsgOt1zly_27v9rF0AFdlklhKl9n2QqP4A1J_ukkhSCn78kieXQt9eTrncJqRwfg8yXXER1JnzEG8XFFPrVIdtq0B0grND-fK5Y1gFdclOV5MFqiQ7KoCV7WOm5OpVa9pjZwpGz0XZ9jUB1Rp0CHCcsNCx2Q9DiqRMpWY_8eNuW9fycov95hGmnYPa48iETG8nvXCfkvOEJSpffnOsMkyOZ4OxamP0DLB_yEjKvumHJclJLRE9IMsoh2_URtXCmDUHTDo5v7P9YIH9mocdsIRjWisk07F8jrxzOGfN9ldfNdkX3xJ5aoFIY82OR9SrYtCwAAXHk0F5ETxmeXyWxY8LoGjU78_wK4qLWa4Q&sai=AMfl-YRLHcZixdC-O0Hp87xR5PocWMpWVTxplprFHIMGNH0kI6u-9PaVibDg6sF3O9Qe8wzFEgjFfy7hEDn0s6V_dYKGj6DLPXeeW402l89iaFyF28HVtgMvIYzGHIxQPOabTi3B9MQ6oVdC&sig=Cg0ArKJSzJBpToxhc-Q3EAE&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE&id=lidar2&mcvt=1000&p=10,115,100,843&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230201&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3611282516&rs=4&la=0&cr=0&vs=4&r=v&rst=1675761755235&rpt=1427&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vpaid.js
ad.lkqd.net/vpaid/ Frame 3199 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1675761757.cds151.fr8.hn,1675761757.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
activeview
pagead2.googlesyndication.com/pcs/ Frame 860F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhObP12XqhkP4-6-vLba46owtFn_nKnCKICt8DxziwOqlxLjzN32pgLk46TiRT4X4TWz5g-xv-l6R0gDDU8ZpGnD0BbtcnwMXgrzm55Jk_an8iJzdapr_tdCTJt4pq-l4Jk6y2X9m-bn3doFjereS_3dO8dw-_zJWNmcvY-mleLLg_CrLjDXnPYaKKSutM9MfNVvPRVnbftYFXpQibsrsAal8oTu4vuoIlXte2GWM56Qg2IrcuLXRqAhA6XvQvGi9_ptt_LSqExUEbfxo2K2xwe_LlGR7TwjXLJqryigTuIff3m8fo0sgZ28vlGBUpHHy0Ci-vQG4PVVw54GLfd7S4cI_j21mXERFHsS83-4hVKcR6Cm-O1eVjnuM8kv0MACqY-h7wZtpRQ5cGy7np06y2OmSCDcLgYlv3e8lTWfxedEJSjqcKCMCcWmhlQ7EQnJVUBld4IHn96jpEez3Xit40hGNgy6hbT8NOK0K1gwO8lj7oyHI6ADWEsRvat9euBNQfhtsLa7FPgewlhosM-Ib7uRkBciIGW2ygDt-aXppuJABPZRu8fqTuCA1gzsv6AyxtRWv8gQu5-9WUaIwsWKu5kiLP9TYtrs3CLXMAy59NynWcmCmgjSO0lGmwCfxDcx66jj4jg-J_gmu-HqObzeFgbJ3x-7fV2WfRiXe2qz_8Olc19lcBNSRHZlnhgpC9d-Tlf9iGGui3q5wjqgduFb6Yl_HxwNrbkm1j91xdd3khYXmKlMeOaD-SzebKMpf2oGPnxo80e8HNcmbdcxrjP5jH3y0cCuuwlwEIJOCGBdhw5iO4DZgjEdIq9lM9a8wtIxjye6BYvay4Ia5DUngmmAB0caqR7tWNxy8oheXUWjCMDxEd9dys4du0fCt1VOiw_6dxmx0v0FBUKX9UsRxOLOyiNRJUDEyqyi8D-iymT1OKcUHREJErc7WUx8vo5_9MGeghi3Jg78NFZqrBCCHWpVWrVTybTSKnZZJBcWqjDF89vcTZu_t0FwryrsSb1lrHqi4SXAg9Q_b98z0bqrcvmSG60_rO6F2h7PO4gnCCgasP_ebwZRO-zV_eEKplptAXbgz5WzgnIR3EAdUt9SCOsI-3sYnr59ZJ6i6z_Y6HgT590_a3_2tuJCRWABboidMfeHt91hX369kFTygEnLZJzMDHYw&sai=AMfl-YQnSXReOjqSY4LLtSFtbnT3anwHb2XOg4VK2bJuTbGcEtqtcDM2ACwt42qU3HN07HmWWIMq322fZQYr8LO8cds5VsjqghnPLz7f6yEq2VTpc3XUnBT8bGFSaHR6-FH_0uFbbJbmDseg&sig=Cg0ArKJSzGkgn5EDL7BBEAE&cid=CAQSOwDUE5ympQrfpGswLt7sRb4FPiBbySILPPSClfqiBE817c98T_XT0VIHWniXK_-cBODBy4oOMgzz4h7yGAE&id=lidar2&mcvt=1000&p=246,436,336,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2342546863&rs=4&la=0&cr=0&vs=4&r=v&rst=1675761755302&rpt=1399&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
ad.lkqd.net/cookie-sync/ Frame 5F17 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Tue, 07 Feb 2023 09:22:37 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1675761757.cds151.fr8.hn,1675761757.cds288.fr8.c
ad
v.lkqd.net/ Frame 3199 		57 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=17034828&m=&rtv=1&thost=www.lebanonfiles.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
0451110954dd2b81e061876f173b9c1244abbc66a3aadf2687dea0c0164aad1f

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Feb 2023 09:22:38 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3847
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=17034828&m=&rtv=1&thost=www.lebanonfiles.com
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Access-Control-Expose-Headers
Content-Type, Content-Disposition
Access-Control-Max-Age
300
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Feb 2023 09:22:37 GMT
Server
nginx
link.html
track.webgains.com/ Frame 4348 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j41n70yw4cgd8y1ft11qgwdf6memf1k08b80ma10t6cd8szngkjwgqmkgp8fen24hd8y0r07tyh8qx8jd41zb59adfzh699eyf9rcsnxtcgse7jyqyvmg2re333sdcxdak72atpsvqfdaxaxjys2aqz1jdm9yf1smh36adawtpzd9ra9gg92spktt6g2hx7c65vhazt4p2x9c3wxgw517x6dacxndhqqvb1w300h4rtd27bv5p8a8nfm14sthc8335d0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%252526client%25253Dca-pub-8745593945608202%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=160&d=600&e=&g=2aaddd651aa00f888982e71fe970275c%2F12755215677127775712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757339&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.165.36 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-165-36.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
0a77a9e11a5cb5b3cce39020378236b0fb3797fa850781e19ef7f1c3ed92804d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
last-modified
Tue, 07 Feb 2023 09:22:37 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 07 Feb 2023 09:23:37 GMT
link.html
track.webgains.com/ Frame 4348 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h57mjmcvs8m995m0ns7k8312d74mw53tfb5zactj2z0agwjny4nkn933n5qp7w08yr4yt2f9kkx422vv27zfzvb7mp369kpe55s4gyc9pzqgfedx5q256c9hjhhjeyjm4yf00k60trvamysyda89wzyd5ahm2n91qa5nbxt54c70jrttch969034njkc86cf9j6jqgq4qzr1wrjgp70sac9x5xrmqg8c6qcdcsj6em6sysj40ygwsksyhaj9m57f02z1d0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%252526client%25253Dca-pub-8745593945608202%252526adurl%25253D&clickref=oneidQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcVoneid__dc_reach_suite02wkz&viewref=oneidRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7oneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=160&d=600&e=&g=2aaddd651aa00f888982e71fe970275c%2F12755215677127775712&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757339&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.165.36 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-165-36.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
7698eaffca090badc78a9d86bc39a899cd415a5d8195d926a40bf2d9410a7cd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
last-modified
Tue, 07 Feb 2023 09:22:37 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 07 Feb 2023 09:23:37 GMT
pvClk.min.js
analytics.webgains.io/ Frame 8D92 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jsbfz3b255ex2yp7smm7yfqatd6t4vne25qrdpgm2jvn671wws42whmfpz4x0vqdqvqvhkzq0s6wb2n4y2t6jwgya8ed3madvf0nsq8fh6jtkmay4txk4t98zsfg0kxxwcwfwk0ttazas12t91w0htp7h9myckeav97vmc5f3scwzh61afpzg59b96bddcw3c1fktsgq956ddjhe2ejtn2bxgjnvk8rnserc7zwh54h5bxv0cmq3peff0fbphmxgr9a6%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%252526client%25253Dca-pub-8745593945608202%252526adurl%25253D&clickref=oneidQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcVoneid__dc_reach_suite02wkz&viewref=oneidRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7oneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-29.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 09:30:07 GMT
content-encoding
gzip
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
85951
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
f4hNAlJ11t2d-FIerLGKEG8zmwTLj8xteUkA5AIwN0GYTv0npedPjQ==
Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame 8D92 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1675762057&Signature=lBlk7T58Y2twyAmdc0b0JFs51XMT~iXNj06Jm~fV9adNS~lwA9iLX96w1pgcanqL3TfzYC4-Mb1HM1j9uwawrYXSZH9XiQOrf~4oeXgNIyjeZCk7K7GoaYFQsM2-RmCrRdWtEk-xwrvFXOkY7E1JBCmRJOlm~3w2y4bDbf7M4HARD1m~yOClIp77Ht6DO8PLJeGs22k3beCp1J9RviRqShrlRDoYLo3e3rgi9pKJS9bBhzgtodHSJyUOnVHcB8r6IZ~jpRLXNsGNNvzRCPzqsmAfRq291kucqgTGWoi2nDd-R4mYbGUwRQkoxp7~H8OZ7azGQTDrxqu4R5BN2jGihg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-16.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 07 Feb 2023 08:33:15 GMT
via
1.1 4f04fd3192b8e206f3b06830e1587d80.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 13:56:07 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
58154
etag
"66da632e2658ba90a2b4863be372b9cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-length
2298
x-amz-cf-id
6DKOkPwD5TBYGvcGelrn5Sn5teRhyYuxNDj5B4Xpj6Sc4PcgqRFx5g==
link.html
track.webgains.com/ Frame 8D92 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz&wglinkid=2194035
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C183975%2C321735&b=Rx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7%2Ce7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1%2CRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7&f=Qxef4fjfbV7txH5HYt9CZekh6S4T5qBcV%2CDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFV%2CQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcV&c=300&d=250&e=&g=14ecd1bbbde19bca18f31009138eda4f%2F1363762635164828721&i=21596%2C20597%2C110819&j=16%2C21%2C21&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1675761757337&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hg30nnv3dw04tpdgg93bsmh9m5bdfg7k6bw2ed9e5bdrkh5djj43t3bt8wz95rx34ff67e9v7x9my2e2gc4a5wrk15yvs8zwx7dtbhv8entzg4325hr5cbhnzd6tq3x8y8j5efe86pba4yb7fzv124pmap80bedwhvtczccbt9f90wd6t708kyzqp4h30rtv43cm9bwqjzrxzncm9k7s84zvhgygr93c2x1a5n50re3s2wbkycbxg0g57fagzx2c89g7mng94dnw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmYbrWhjiY6nmGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSjAk_QUTtDWkAU36VnyFwyXzKps5WqQNrIwzRdD6X2V5CmvnrcUJXmhmkv053zpWXTWdaiz41rmYkj1y7EG8F_-SC6B_WwbDZ6NnnaYt4SBKL_fNeC2x3KGM607_Mvcjl9z5AHAII2dH1_5VcOrtKmacgz8f7lgxvbzTABzR8SD6jpu8EFd_peJkxeiI3BAJh9NjWH5ZVyk3uRhZhzwnh7dqRmtC2k6-S7kyvCroTysheIIbwhbittWijIh3txVSlpuxHbANWzfJ6Ro6Yok8u-0AypBs8L0N-oxG9bH-NwCEOz_oFD3vTXVTUPxJq-NTuCAhPuyLuAqlq-KXlhYuwGDArzfyUTjr_a09eeUtisj3JWz0w9D6CEdnvvlz5O-Bx3dTdrs-AEAYAG8bq-wcyDn7X8AaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_0lnV0Tp2Fkmz6szF4oRKStVCdKHQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.165.36 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-165-36.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
last-modified
Tue, 07 Feb 2023 09:22:37 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 07 Feb 2023 09:23:37 GMT
cs
cs.lkqd.net/ Frame 5F17
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f502d07f-d441-4286-881b-bbb4297e4aea
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f502d07f-d441-4286-881b-bbb4297e4aea
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=f502d07f-d441-4286-881b-bbb4297e4aea
date
Tue, 07 Feb 2023 09:22:37 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 5F17 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 5F17 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 5F17
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:37 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 5F17
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:38 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Date
Tue, 07 Feb 2023 09:22:37 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
pvClk.min.js
analytics.webgains.io/ Frame 631B 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kd6tk40bdx9zp48pvgaymw5ytysc3fpv0j1et1y5x8xcgnwc7wdayt7rxrpryj43v3ays9tpy924ecage4ccm23e9apmdy2nc8j15z4dw1atbfh1gg013n0gc7pqy5anws7nktvydn935xntfkyr9y5azr4gqcr61sdbq00ty1z0ba7fcw89bqag2h033zdrkyr41tr34wakcsatq47cn961bf6keqdmg4qmj7r28qjd87k6150edw1d0c8f0afvaks6%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%252526client%25253Dca-pub-8745593945608202%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-29.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 09:30:07 GMT
content-encoding
gzip
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
85951
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
d5PiViiqGtl0eloHXI_k_fChfUuOEmXFnkq6KTClz6irRdvvP2-IcA==
1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png
cdn.track.production.webgains.team/286305/ Frame 631B 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/286305/1619604937_fPkEZHu3MNy3GC7XuV3lA1s9E5XlSAcF.png?Expires=1675762057&Signature=SWzNsofgnBJ3qHPgdn4pcBi0P1lBkQqi-5aVGsTbrGA4A4BmUzfrzVLlauoOYqxMfCvnXZpnBBJQ4u1oTJmoor5Vr8go8fSIrkCz4wecgKCkGvIj3CewA9DYqTqriaSRmn2-4baTq4T7ESsRvkp9PkIhxpky2HUZMXck4KMI5q-Et355WfKigL5JH7qciYS9MrEOEjiNKzni0UQ0w8pkIOdGly~b8DdveSUisTToCINo9xziNXwwOHMwuzHbTbA2cQJ41ro-LXdnyc-VWQ~LZrT2EJ9WJzphWxWZ9-NvrhU6MJ0JTCdFJomyXnW5R5-RbhZWGymtV~~hU4rZ0cn4ew__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C197862%2C14019&b=JB7Uzf5f3drKCBH6H7tptrjQtxSgT4EGaP39W%2CRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ&f=GjMSBfpfXwxkcKHeHGtBC31dHZSYTJ78sQVeB%2CQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5&c=160&d=600&e=&g=fd283886dca4824330395e70faa90899%2F16122513429563864489&i=25174%2C71725%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1675761757363&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1ked7d84ssftkw339fpe3fhbttrrk3sv2jb4k97km2y1x9jbex5npgw0nverrzk05gj87pjtxgecxbg6jmdna0hhm3vdds75h1tk4anq2jw1c95zsmj2s9w7stghs3d2rxm3y610zqm548ch57c3s117q9by3kqz0s7brr5aaxghmp7ga7n7wrnpv098hfh7hme44x45jk0zdw0a7tncemm8cmmx8ds1bhxtyx33y1y25jvgb04h9jzx22hd852sjsf4rxnnr22w2gg3txrffgz7%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCwsjQWhjiY_b2GMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSeAk_QFZMvn-WQTjDpVKzUVkB9CxZTlCYBNshhVOiCQpe0mSutlX9d6UKXqnzQyo6iOtuFmYiNYAcTwypF_2LRua-wbAoLseXw8hoz5XyTl5aeg2xnggEAd2ZGdancRJ8YY65E6HmMYq94Yt621kL1_jqpN78Bjl7LuH8w8GTgqBW4txNGcRc10SCosvxAQitMtpsEA9dNqQqVIHXuwKQN18mnwn8gP6EdlTQHjRsYN2sROD2PajQjuB9XNWCkl8EhR7hF5G4izWIrLPJvaJlVqVNtry7-t28u8l5mmd3rhG50TCRDaY62yb2pXpEthUe_p2hrzy1T_vCmjGRK8xzmOX3WZ16e1XlRddWQviXU51kmyqudWzmxETxjw11gfejgBAGABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_05KeroRp1gsBKSKXwvmrGKKHu_iQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-16.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 07 Feb 2023 04:42:13 GMT
via
1.1 4f04fd3192b8e206f3b06830e1587d80.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 10:41:35 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
16840
etag
"d4e8f970f24f6d19b53aa92b1907c1ef"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15054
x-amz-cf-id
6AsIOLzkcGX73D4OOEqP9eJ6si7mg3JpoDHo2Wdj6C7Y6_mcAzb8-A==
pvClk.min.js
analytics.webgains.io/ Frame B9CF 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jwqzvengxct0h7senzfwweq8xrqxr2zd12em1bwdaydzt6pbtzeg97vpft2rdf7e6gydse4cqc4yq8ysnbs4pv478vkktnn5e1w3xsvn0pkpetm9y7y9htchdpzyebkdnsha62edyz8shf2rxq7esjfgy51797a443e85mqmdse8m5nzjy6xdd661m3mazbmhkyj1rp7dk26mn9ynrtr4pgzcet5vbvm7encxh856hbrxb972fbf6x7ewt1q0crv91y8%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%252526client%25253Dca-pub-8745593945608202%252526adurl%25253D&clickref=oneidGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47oneid__suite_Netmix_Reach14_AKTION&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-29.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 09:30:07 GMT
content-encoding
gzip
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
85951
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Z5SmeI2t3U-vsHp_9xhnZIwX806v81-bhgDBil3-YjaH8OlPDCK7FA==
link.html
track.webgains.com/ Frame B9CF 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1oneid__suite_Netmix_Reach14_AKTION&wglinkid=2194035
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C183975%2C14044&b=QM1u4fjfPKDqcxH5HYtGt83Xc6S4T5eKsQr%2CJgqtzf5f3qpKaBH6H7tptp8eaxSgTb71Ux1%2Cpp1c1fgfw2dHkH4Hmtzt4M3U9SRTEY9sY1&f=241U6fqfj6xJUVHWHktwCREbaxS7T7R6uwV%2CGg2tBfpfXq8kaKHeHGtBCpWraZSYTe6xT47%2CJgqtzf5fZVdHBH6H7tqCrB2CxSgTb71Ux1&c=300&d=600&e=&g=cca614d7d96e6123a1b9c8d47ac06b38%2F15863518076120340699&i=25174%2C20597%2C25007&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach14_AKTION&r=1675761757371&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hvdbzx85m7prwc1kh97tn2m7pyspr6v8nvz78a9wd5cq5efyd6q3dw0kx2nwfksknj2m8n4z65t6grycn167adcyp32p21xz2yc50denkedm28w64xqxbq6d9nwce9q7fycf4v4n2qw8gd5mspc5mhmncmrqmy0ppzdp19pg8prtfhrksmy6dkzfpnx1s09qfd8kccsayx9vf262v0zvq7jwmcbxta7cy6pjztgqzdvvnrj57dvx8sdnf6dbypvf5qmfjrxwzc411qaspfg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCiVxHWhjiY7boGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_QWlHmLJbWOEQKGNsBmaILpFRPMXZ1iciXls3_ObCLzpYvslFjWsS3kmisTvBvUEmhTCDIT1LcoDj_yw97g8rMgIW5qAbMs-9G5T9_lg8XGKi_jfgUgYEiPN0q9xIa_ZpkwNzGj6hKj9i_pyV-47MWbWiOxCt4M2jSurXqowccuFOUd5YE1Mt0IQ3QtiDuRXUeMNis_mxF-F694H4mvnofuryb--4hGLjVn7PIFH59op9_gF0EgYB0kyAEKfq6NCTOtG51ClYWd37OqxiRdPq9i-rrqwEX3teFhhHLPx13YPUg8CHjvRt_wCTwvKLoqQuEgBwIfJWL4omfq3RhJNM7-Tl1VhrOfuxFFUsmp1lsOau2XqMGn5H54AQBgAaCwPHTyJnR3-EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2Wz4pT3bODKrVJX9DihfOJDszkuQ%2526client%253Dca-pub-8745593945608202%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.165.36 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-165-36.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
last-modified
Tue, 07 Feb 2023 09:22:37 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 07 Feb 2023 09:23:37 GMT
pvClk.min.js
analytics.webgains.io/ Frame 4348 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j41n70yw4cgd8y1ft11qgwdf6memf1k08b80ma10t6cd8szngkjwgqmkgp8fen24hd8y0r07tyh8qx8jd41zb59adfzh699eyf9rcsnxtcgse7jyqyvmg2re333sdcxdak72atpsvqfdaxaxjys2aqz1jdm9yf1smh36adawtpzd9ra9gg92spktt6g2hx7c65vhazt4p2x9c3wxgw517x6dacxndhqqvb1w300h4rtd27bv5p8a8nfm14sthc8335d0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%252526client%25253Dca-pub-8745593945608202%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-29.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 09:30:07 GMT
content-encoding
gzip
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
85951
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
sPIZEpPAgiEJqNnHa6s7BsV0SroZmT0wh_dqFJcKPZw4bSEeQRNEfg==
link.html
track.webgains.com/ Frame 4348 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz&wglinkid=2194035
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j41n70yw4cgd8y1ft11qgwdf6memf1k08b80ma10t6cd8szngkjwgqmkgp8fen24hd8y0r07tyh8qx8jd41zb59adfzh699eyf9rcsnxtcgse7jyqyvmg2re333sdcxdak72atpsvqfdaxaxjys2aqz1jdm9yf1smh36adawtpzd9ra9gg92spktt6g2hx7c65vhazt4p2x9c3wxgw517x6dacxndhqqvb1w300h4rtd27bv5p8a8nfm14sthc8335d0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%252526client%25253Dca-pub-8745593945608202%252526adurl%25253D&clickref=oneidDjeT3fwfGA3rF3HmH9twCZ3kTxSmTk8rFVoneid__dc_reach_suite02wkz&viewref=oneide7RC3fVfrkRMajHZHet1t4jXTwSQTx8Ja1oneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.168.165.36 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-168-165-36.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
last-modified
Tue, 07 Feb 2023 09:22:37 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 07 Feb 2023 09:23:37 GMT
csi
csi.gstatic.com/ Frame B21C 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=2~ldu1a7cw&c=4395065835724&slotId=2197532917862&ghmsh_eids=44748969%2C44765701%2C44777649&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4000:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B21C 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=3~ldu1a7s8&c=4395065835724&slotId=2197532917862&met.4=ghmsh_s.ldu1a7sa~ghmsh_s.ldu1a7sb~ghmsh_s.ldu1a7sb&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=9CsW2E52GB6i7Uo1
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4000:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame B21C 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame B21C 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
190-2-151-10.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:37 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
Logo120x90.jpg
cdn.track.production.webgains.team/294690/ Frame 4348 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/294690/Logo120x90.jpg?Expires=1675762057&Signature=lBlk7T58Y2twyAmdc0b0JFs51XMT~iXNj06Jm~fV9adNS~lwA9iLX96w1pgcanqL3TfzYC4-Mb1HM1j9uwawrYXSZH9XiQOrf~4oeXgNIyjeZCk7K7GoaYFQsM2-RmCrRdWtEk-xwrvFXOkY7E1JBCmRJOlm~3w2y4bDbf7M4HARD1m~yOClIp77Ht6DO8PLJeGs22k3beCp1J9RviRqShrlRDoYLo3e3rgi9pKJS9bBhzgtodHSJyUOnVHcB8r6IZ~jpRLXNsGNNvzRCPzqsmAfRq291kucqgTGWoi2nDd-R4mYbGUwRQkoxp7~H8OZ7azGQTDrxqu4R5BN2jGihg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4371640&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h57mjmcvs8m995m0ns7k8312d74mw53tfb5zactj2z0agwjny4nkn933n5qp7w08yr4yt2f9kkx422vv27zfzvb7mp369kpe55s4gyc9pzqgfedx5q256c9hjhhjeyjm4yf00k60trvamysyda89wzyd5ahm2n91qa5nbxt54c70jrttch969034njkc86cf9j6jqgq4qzr1wrjgp70sac9x5xrmqg8c6qcdcsj6em6sysj40ygwsksyhaj9m57f02z1d0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1ghjwq62wcbg88y8zjrpryh5sfanmjzg9c04qxq269jfv3g0ateqg8q5bnf4r0z9r7mb2aha804jsmksvp1zs9fne4c6qy1ty5jceszxsj22dhkwzgstg30rtz55wvyxp3t7ez8qpkbkfv7bq8tasa6c7set462ytvj4y8199k4772q20mn7vqy6dqr8eax1r9t31jbc7915gxzpxmbgk64na3ej9mn1hncwj48n0q2rpy3sysd7gce8x8t97n52yhzyde761gs4j%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC2f0NWhjiY5_tGMH43wPfs7HYB5DhgYRctqjCivACwI23ARABIABglcKmgrAHggEXY2EtcHViLTg3NDU1OTM5NDU2MDgyMDLIAQmpAvaEZ2Zb_rE-4AIAqAMBqgSZAk_Q2SRn88YdfPVQ8iEgSuXVHzHdD90CFDRa9X5bUGodTZL5shkUcV95MLv_q8OrNDLeod-qMVMrmgZv9LL2M0KgLnKqYw2uachPU-yeNZeIztOlfwoPfzlDsaCYwfn_DVjOI2BaEXCeRu_Xn3Pr7CQECdemwvgxfgUlouPgvIHghKist44EA3-xzaplL4VgIRGaOi5r7cw8_Lte7UdOqmhSf5mDVXvOWynXRYIbD3aCqhOVz-mFWyANyCoTMPvS44FhYwFsN1psjj0obdPxaBJWnqaceswfNi7pXdbnHpXgBp3DVqfianSLT0-wqleGq3ipOUUrQEAVBvtiR9cY14x8yKd6ogaDL8pV_xmZx_NxZcXxYz6p7j8B4AQBgAaRy7LTwvHeoc4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1Hao0IXDzXE8U2sCO0x0xfdT0D9w%252526client%25253Dca-pub-8745593945608202%252526adurl%25253D&clickref=oneidQxef4fjfQdwzCxH5HYt9C7YRqC6S4T5qBcVoneid__dc_reach_suite02wkz&viewref=oneidRx6fgfQf8A3BUkHwH3tQtZr52H9SzTmqbF7oneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-16.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 07 Feb 2023 08:33:15 GMT
via
1.1 4f04fd3192b8e206f3b06830e1587d80.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 13:56:07 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
age
58154
etag
"66da632e2658ba90a2b4863be372b9cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
REDUCED_REDUNDANCY
accept-ranges
bytes
content-length
2298
x-amz-cf-id
YAuiYBtnwcWSbDn5KLmyPAyOpsmr_sOByzRJ1RtTBndIYj1sUTiwkA==
t
t.lkqd.net/ Frame 1035 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:38 GMT
server
nginx
csi
csi.gstatic.com/ Frame B21C 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=4~ldu1a7se&c=4395065835724&slotId=2197532917862&met.4=ghmsh_s.ldu1a7tj~ghmsh_s.ldu1a7tj~ghmsh_s.ldu1a7tj&cpn=ew59Nqh0oDWouiCv
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4000:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B21C 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=5~ldu1a7va&c=4395065835724&slotId=2197532917862&met.4=ghmsh_s.ldu1a7vb~ghmsh_s.ldu1a7vb~ghmsh_s.ldu1a7vb&cpn=ApuXChrKrx8vQ8e4
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4000:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame B21C 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=6~ldu1a7vf&c=4395065835724&slotId=2197532917862&met.4=ghmsh_s.ldu1a7vg~ghmsh_s.ldu1a7vg~ghmsh_s.ldu1a7vg&cpn=A-oY3ROaX_wChUKr
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4000:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d34083a65ff0e36a3d645ece2161f69414caf9f8aed2d21e288e7607c5ddd6dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
csi
csi.gstatic.com/ Frame B21C 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=7~ldu1a7we&c=4395065835724&slotId=2197532917862&qqid=CJa4qYKLg_0CFdlNpAQd0nkNFQ&gqid=XRjiY9vGI56knsEPkueHoAM&fb=ima_html5-lima&sdkv=h.3.554.2&mrd=4&aab=1&itv=1&met.4=ghmsh_s.ldu1a7wf~ghmsh_s.ldu1a7wg~ghmsh_s.ldu1a7wg&cpn=itq_6aQ0yXUEN0x-
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4000:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame B21C 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-3191289882045155
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:19:03 GMT
x-content-type-options
nosniff
age
215
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 07 Feb 2023 10:09:03 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame B21C 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=COyzyXRjiY9aVJdmbkdUP0vO1qAGwjbeGbpPh98ySEcSZ-oO2CRABIJ-X_GJglcKmgrAHoAGcr_uoAsgBBeACAKgDAZgEAKoErAJP0PXKUJ-cxvvKRGN-QiTGBUlec5cvMNYVrbOOwNSAwGF9rMgUjccu--OqUGW9l1xUnEny1g8JFxRinl8C6i-YPFmJUQ2xNHSmqstIbv3smnF6BpVkD8zhz_TqW2mqcvxBmxGsEIscQS0L_Phz8YpPnBBolLCf4zx3PzBpS4BqofSvz1kwtyo2-Ulx5zYeaBksBGfrvesn_aRN_GmnzbNUMiWBhVNlu1TZO0AGyTozudSsn4aoGPOEyzwhNJg85lYXmulUIZZgMQwM13PPEJPmBHuzNqeLL28PVnBDYt8gXftE4TKLbVB1ZSjFRAPRCVCmOHx72BB9tPyHadZTPh8fH9i4aiHPw1fkyZ_0JyKmQEj1Tly4SYggqiJ_AE-IQ4Jr2u0ZfmvK6Y43CtjABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQJoJGmh0dHBzOi8vd3d3Lmhlcm8td2Fycy5jb20vsQlp5XmPejqX3oAKA8gLAdALDuALAbgMAZoNAQ7YEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=5gEyhxdgCyM&label=show_ad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/gampad/live/ Frame B21C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=CGN_2XRjiY9aVJdmbkdUP0vO1qAGwjbeGbpPh98ySEcSZ-oO2CRABIJ-X_GJglcKmgrAHoAGcr_uoAsgBBeACAKgDAZgEAKoEqQJP0PXKUJ-cxvvKRGN-QiTGBUlec5cvMNYVrbOOwNSAwGF9rMgUjccu--OqUGW9l1xUnEny1g8JFxRinl8C6i-YPFmJUQ2xNHSmqstIbv3smnF6BpVkD8zhz_TqW2mqcvxBmxGsEIscQS0L_Phz8YpPnBBolLCf4zx3PzBpS4BqofSvz1kwtyo2-Ulx5zYeaBksBGfrvesn_aRN_GmnzbNUMiWBhVNlu1TZO0AGyTozudSsn4aoGPOEyzwhNJg85lYXmulUIZZgMQwM13PPEJPmBHuzNqeLL28PVnBDYt8gXftE4TKLbVB1ZSjFRAPRCVCmOHx72BB9tPyHadZTPkcenaKwcNHtUZw_UMEbvnon_0dC2QKaQxYrhDqwkuiH9B-r88EBt5VLt2HABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENHUPqgIAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBwhMGGJyv-6gC2BMN0BUBmBYB4hYCCAGAFwGyFx4KHAgAEhRwdWItMzE5MTI4OTg4MjA0NTE1NRjNnms&sigh=-rYFN4z-y6Q&cmd=Ch1jYS12aWRlby1wdWItMzE5MTI4OTg4MjA0NTE1NRAAGAI&uach_m=[UACH]&cid=CAQSOwDUE5ym951mMhzjJdzLfiJeJ16r4fDaARsfvaDYGr6HBvWvUM9_71VmN9uz8_qY7-YSi5dNVm0YU8j5GAE&vt=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame B21C 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.554.2&e=44748969%2C44765701%2C44777649&id=ima_html5&c=924451331674672&domain=www.lebanonfiles.com
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:38 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
image/gif
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&top=1&puid=1~ldu1a6o3&c=4395065835724&slotId=2197532917862&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4000:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr1---sn-4g5lzned.googlevideo.com/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr1---sn-4g5lzned.googlevideo.com/videoplayback?expire=1675790557&ei=XRjiY7zFN9myvdIP5MiEmAY&ip=2a01:4a0:1338:92::9&id=c236b4f58633d4ea&itag=22&source=youtube&requiressl=yes&mh=BJ&mm=31&mn=sn-4g5lzned&ms=au&mv=m&mvi=1&pl=36&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=32.066&lmt=1674289150275449&mt=1675761443&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAIGyEDyNP1xF2h1uv8mL9ErCYMFQy5RVYlwuBfyNGpcSAiEAgNkmsKzM5zjbado3uMFCcP1kTNrALMar5rl2azFQcnQ=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgTXDMluT_HqD0ELx7IrpWwnUWKGhOXEJk2wHir78ezNcCIEzO4rl5r31HGq0QVlGN1yca48mfB5PEK9sBV2vWQ_H9&cpn=A-oY3ROaX_wChUKr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:13::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
45965c6a42a270833815a8022833cdcaedb4cead913da88adde839a7e11c6f6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.lebanonfiles.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 07 Feb 2023 09:22:38 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 21 Jan 2023 08:19:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1211463/1211464
Cache-Control
private, max-age=28499
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1211464
Expires
Tue, 07 Feb 2023 09:22:38 GMT
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C16133168256505448468165213156,,&tg_c.language=es&width=400&height=225
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.159.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-159-169.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
tag
4cywq-eqnre.ads.tremorhub.com/ad/ 		119 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fwww.lebanonfiles.com%2F&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C17945243836505448468165213156%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:1473:79ff:9ba3:468f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
http://www.lebanonfiles.com
content-type
text/xml;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
av
vidoomy-d.openx.net/v/1.0/ 		48 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&cb=1175077632&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C6505448468165213156575652630,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ 		65 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ 		65 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=http%3A%2F%2Fwww.lebanonfiles.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
csi
csi.gstatic.com/ Frame B21C 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&puid=8~ldu1a7xt&c=4395065835724&slotId=2197532917862&qqid=CLDOr4KLg_0CFUevUQodCgUI2A&gqid=XRjiY-XjKYnZxgL4q7GYBA&fb=ima_html5-lima&sdkv=h.3.554.2&mrd=4&aab=1&itv=1&met.4=ghmsh_s.ldu1a7xw~vss_tr.170
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4000:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame 1035 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 1035 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:38 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:38 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:38 GMT
server
nginx
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame B21C 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=COyzyXRjiY9aVJdmbkdUP0vO1qAGwjbeGbpPh98ySEcSZ-oO2CRABIJ-X_GJglcKmgrAHoAGcr_uoAsgBBeACAKgDAZgEAKoErAJP0PXKUJ-cxvvKRGN-QiTGBUlec5cvMNYVrbOOwNSAwGF9rMgUjccu--OqUGW9l1xUnEny1g8JFxRinl8C6i-YPFmJUQ2xNHSmqstIbv3smnF6BpVkD8zhz_TqW2mqcvxBmxGsEIscQS0L_Phz8YpPnBBolLCf4zx3PzBpS4BqofSvz1kwtyo2-Ulx5zYeaBksBGfrvesn_aRN_GmnzbNUMiWBhVNlu1TZO0AGyTozudSsn4aoGPOEyzwhNJg85lYXmulUIZZgMQwM13PPEJPmBHuzNqeLL28PVnBDYt8gXftE4TKLbVB1ZSjFRAPRCVCmOHx72BB9tPyHadZTPh8fH9i4aiHPw1fkyZ_0JyKmQEj1Tly4SYggqiJ_AE-IQ4Jr2u0ZfmvK6Y43CtjABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQJoJGmh0dHBzOi8vd3d3Lmhlcm8td2Fycy5jb20vsQlp5XmPejqX3oAKA8gLAdALDuALAbgMAZoNAQ7YEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=5gEyhxdgCyM&label=video_ad_loaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame B21C 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 11:24:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
511087
Cross-Origin-Resource-Policy
cross-origin
Content-Length
15406
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 20:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="adspam-signals-scs"
Vary
Accept-Encoding
Report-To
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Thu, 01 Feb 2024 11:24:31 GMT
magic.png
bgstats.mox.tv/ Frame B21C 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:38 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
tracking
ad.vidverto.io/delivery/video/ Frame B21C 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.vidverto.io/delivery/video/tracking?vast=tracker&vsp=UjNzU3dPNk4ySlhqYXBzL0VZZ1BZdWpaS21VdVJVaWQ3dzdzZlFIRDBFYzJHQ0FYd1RWcjZoYTk5dFg1Q1JwVDBxd2NISHlKTmJJVGtjZTh3SHhGSXZkbjVKOC9kVWxZaHNMQWNsUEYvSmRMR2xBd0s2TDFGSmo0cmw5V0gwbldWZHZPN0pkVkVOdndEaEZpdDZiWjJnRmxEaENLUS92d2I2RzA5UUVLRkNrUXVpZERueGM3ZTNldWEyaW9Oam1Nb2RaSzB0eXZ3VU5nV05HQ2c3ZXlNcUs4ZWJQQXQ4RkVYYVRXYmZPZDQrVEV0dnpmRjRkY0g4d0FjMmYzUXlrdA%3D%3D&cb=1675761757
Protocol
HTTP/1.1
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:38 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
adview
pubads.g.doubleclick.net/gampad/live/ Frame B21C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/live/adview?ai=CGN_2XRjiY9aVJdmbkdUP0vO1qAGwjbeGbpPh98ySEcSZ-oO2CRABIJ-X_GJglcKmgrAHoAGcr_uoAsgBBeACAKgDAZgEAKoEqQJP0PXKUJ-cxvvKRGN-QiTGBUlec5cvMNYVrbOOwNSAwGF9rMgUjccu--OqUGW9l1xUnEny1g8JFxRinl8C6i-YPFmJUQ2xNHSmqstIbv3smnF6BpVkD8zhz_TqW2mqcvxBmxGsEIscQS0L_Phz8YpPnBBolLCf4zx3PzBpS4BqofSvz1kwtyo2-Ulx5zYeaBksBGfrvesn_aRN_GmnzbNUMiWBhVNlu1TZO0AGyTozudSsn4aoGPOEyzwhNJg85lYXmulUIZZgMQwM13PPEJPmBHuzNqeLL28PVnBDYt8gXftE4TKLbVB1ZSjFRAPRCVCmOHx72BB9tPyHadZTPkcenaKwcNHtUZw_UMEbvnon_0dC2QKaQxYrhDqwkuiH9B-r88EBt5VLt2HABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENHUPqgIAdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsBwhMGGJyv-6gC2BMN0BUBmBYB4hYCCAGAFwGyFx4KHAgAEhRwdWItMzE5MTI4OTg4MjA0NTE1NRjNnms&sigh=-rYFN4z-y6Q&cmd=Ch1jYS12aWRlby1wdWItMzE5MTI4OTg4MjA0NTE1NRAAGAI&uach_m=[UACH]&cid=CAQSOwDUE5ym951mMhzjJdzLfiJeJ16r4fDaARsfvaDYGr6HBvWvUM9_71VmN9uz8_qY7-YSi5dNVm0YU8j5GAE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame B21C 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CdZzxXRjiY9aVJdmbkdUP0vO1qAGwjbeGbpPh98ySEcSZ-oO2CRABIJ-X_GJglcKmgrAHoAGcr_uoAsgBBeACAKgDAZgEAKoEqQJP0PXKUJ-cxvvKRGN-QiTGBUlec5cvMNYVrbOOwNSAwGF9rMgUjccu--OqUGW9l1xUnEny1g8JFxRinl8C6i-YPFmJUQ2xNHSmqstIbv3smnF6BpVkD8zhz_TqW2mqcvxBmxGsEIscQS0L_Phz8YpPnBBolLCf4zx3PzBpS4BqofSvz1kwtyo2-Ulx5zYeaBksBGfrvesn_aRN_GmnzbNUMiWBhVNlu1TZO0AGyTozudSsn4aoGPOEyzwhNJg85lYXmulUIZZgMQwM13PPEJPmBHuzNqeLL28PVnBDYt8gXftE4TKLbVB1ZSjFRAPRCVCmOHx72BB9tPyHadZTPkcenaKwcNHtUZw_UMEbvnon_0dC2QKaQxYrhDqwkuiH9B-r88EBt5VLt2HABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=FLcSjmw7LQs&cmd=Ch1jYS12aWRlby1wdWItMzE5MTI4OTg4MjA0NTE1NRAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D947%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D3462,440,3867,1160%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D32020%26vmtime%3D-1%26is%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1041%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D616007436%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1955%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1675761758144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking
ad.vidverto.io/delivery/video/ Frame B21C 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.vidverto.io/delivery/video/tracking?vast=events&token=bEt2NTY2MHE2dlZZQkY0Tlp3eVhuR3JvOXBTeXdlVGZSWUFqZjViZHA0R1JxM2psOHFMaHJCSnV2N2xVUDkrZm9ndnF2cFU5eFpjaXVYTkxnNlFuWEhDMmUrTzVnOE8wdWR4eUwwOEJ0NlNnbU90U1hBNlFIa2tqL0ZpM3pWdjgyejBSTmhmMmRqTzd5dGlJVXl6Rk1SVjJJQWlkbFhXYVo0TFNvZzZoMXl1cEIwMnFvcXE1Y3BSVHVNZHdLTXZmV0R2bnFNQlIrS2VFTFB4VWZkQ3kwQUNDZ2w2Nm4zOE45d1BTR1d2M0pYZz0%3D&cb=1675761757
Protocol
HTTP/1.1
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:38 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
activeview
pagead2.googlesyndication.com/pcs/ Frame B21C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssW6KhtCalSv5j6aWYRp_urVcbsKD6PnaVvvEC2vePFD_zKJ69dkZxR55eQJ7vSNvOlOcGho2DBx8ouY-DVuPTR6wm2MWxoj1uUjH2qGTsyuIhjbXdOccPC2-2LvMDbXqfzWCExL6hzvwbNnvo1TNzwj9TXemcbv57B&sai=AMfl-YRMlgkZ1VPl7miUBpzWDkVff3bX6RhHmfI3XGiHSe9F5qBQ5tQ3zk0qCkcmoxdDQyNgLdI0lSKn9oDtOVqZh1ILbAmfP1vsdfAX34oJ6MFz6-kMeFgWVUwfC8A&sig=Cg0ArKJSzEkWcFIGtwFWEAE&cid=CAQSOwDUE5ym951mMhzjJdzLfiJeJ16r4fDaARsfvaDYGr6HBvWvUM9_71VmN9uz8_qY7-YSi5dNVm0YU8j5GAE&id=lidarv&acvw=sv%3D947%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D3462,440,3867,1160%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D32020%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26ic%3D33554450%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1041%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D616007436%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1956%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1675761758144&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame B21C 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CdZzxXRjiY9aVJdmbkdUP0vO1qAGwjbeGbpPh98ySEcSZ-oO2CRABIJ-X_GJglcKmgrAHoAGcr_uoAsgBBeACAKgDAZgEAKoEqQJP0PXKUJ-cxvvKRGN-QiTGBUlec5cvMNYVrbOOwNSAwGF9rMgUjccu--OqUGW9l1xUnEny1g8JFxRinl8C6i-YPFmJUQ2xNHSmqstIbv3smnF6BpVkD8zhz_TqW2mqcvxBmxGsEIscQS0L_Phz8YpPnBBolLCf4zx3PzBpS4BqofSvz1kwtyo2-Ulx5zYeaBksBGfrvesn_aRN_GmnzbNUMiWBhVNlu1TZO0AGyTozudSsn4aoGPOEyzwhNJg85lYXmulUIZZgMQwM13PPEJPmBHuzNqeLL28PVnBDYt8gXftE4TKLbVB1ZSjFRAPRCVCmOHx72BB9tPyHadZTPkcenaKwcNHtUZw_UMEbvnon_0dC2QKaQxYrhDqwkuiH9B-r88EBt5VLt2HABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=FLcSjmw7LQs&cmd=Ch1jYS12aWRlby1wdWItMzE5MTI4OTg4MjA0NTE1NRAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D947%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D3462,440,3867,1160%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D32020%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D33554450%26i0%3D33554450%26ic%3D0%26cs%3D33554450%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1041%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D616007436%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1957%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1675761758144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking
ad.vidverto.io/delivery/video/ Frame B21C 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad.vidverto.io/delivery/video/tracking?vast=events&token=eDNyS2NvUG5uRDRiMWwvWkd6T3JXZjdPVFZ4cDI4bE0xM0s4T0g4VG81OXBnempTcW9NRGNFaC8zMHl6dG55VFRlSzUvek9QZEU4TFNNanpINmx2V0RzT3k4VkhlUTl0RStIQm9rZ1JQZDhnekVlOExrYXpuUVR4VkJzMFJ4VFdHV3B2Z0JVb0VnOXBEcUNaSDIwQkVudkJDeGVYZnBPcWxac2o2dHFrUFFRVEkvQVh5OXd4dTVwdG00R3JHRFlBWFRqVXN3dDBvLzBuVFdPNEVYclNkZz09&cb=1675761757
Protocol
HTTP/1.1
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:38 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
gen_204
pagead2.googlesyndication.com/pagead/ Frame B21C 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.554.2&e=44748969%2C44765701%2C44777649&id=ima_html5&c=924451331674672&domain=www.lebanonfiles.com
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:38 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
image/gif
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame B21C 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CdZzxXRjiY9aVJdmbkdUP0vO1qAGwjbeGbpPh98ySEcSZ-oO2CRABIJ-X_GJglcKmgrAHoAGcr_uoAsgBBeACAKgDAZgEAKoEqQJP0PXKUJ-cxvvKRGN-QiTGBUlec5cvMNYVrbOOwNSAwGF9rMgUjccu--OqUGW9l1xUnEny1g8JFxRinl8C6i-YPFmJUQ2xNHSmqstIbv3smnF6BpVkD8zhz_TqW2mqcvxBmxGsEIscQS0L_Phz8YpPnBBolLCf4zx3PzBpS4BqofSvz1kwtyo2-Ulx5zYeaBksBGfrvesn_aRN_GmnzbNUMiWBhVNlu1TZO0AGyTozudSsn4aoGPOEyzwhNJg85lYXmulUIZZgMQwM13PPEJPmBHuzNqeLL28PVnBDYt8gXftE4TKLbVB1ZSjFRAPRCVCmOHx72BB9tPyHadZTPkcenaKwcNHtUZw_UMEbvnon_0dC2QKaQxYrhDqwkuiH9B-r88EBt5VLt2HABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=FLcSjmw7LQs&cmd=Ch1jYS12aWRlby1wdWItMzE5MTI4OTg4MjA0NTE1NRAAGAI&label=admute&ad_mt=0&acvw=sv%3D947%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D3462,440,3867,1160%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D10%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D10%26pst%3D-1%26dur%3D32020%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D10%26is%3D33554450%26i0%3D33554450%26ic%3D4096%26cs%3D33558546%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1041%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D0,0,0,0,0%26avms%3Dexc%26qi%3D616007436%26psm%3D-2147483648%26psv%3D0%26psfv%3D0%26psa%3D0%26ptlt%3D1960%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1675761758144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:38 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8498a175d0101f4a0d9d5ac8956bfe56c9b3c78d417e786bef66301a5a5483cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
async_usersync
ib.adnxs.com/ Frame C634 		0
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:38 GMT
AN-X-Request-Uuid
b9877619-b606-498a-b95b-bac3ece5db90
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
480_650.mp4
cdn.vidverto.io/data/FQA1jG65ZQhuH1V/1327/video/1817/ 		596 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/data/FQA1jG65ZQhuH1V/1327/video/1817/480_650.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.223.225 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-180-223-225.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
http://www.lebanonfiles.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=32768-

Response headers

Date
Tue, 07 Feb 2023 09:22:38 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:10 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd3e-7b4088"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 32768-8077447/8077448
Connection
keep-alive
Content-Length
8044680
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 9C64 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
511088
Cache-Control
public, max-age=31536000
Content-Encoding
gzip
Content-Length
8727
Content-Type
text/html
Cross-Origin-Opener-Policy
same-origin; report-to="adspam-signals-scs"
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 01 Feb 2023 11:24:31 GMT
Expires
Thu, 01 Feb 2024 11:24:31 GMT
Last-Modified
Tue, 03 Mar 2020 20:15:00 GMT
Report-To
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
Server
sffe
Timing-Allow-Origin
*
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-XSS-Protection
0
ad
v.lkqd.net/ Frame 8CFF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=11946448&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e9d2c6e74baed7956dac8e2827ff7319ba7c0b17da89bbd1fc5d4e49ac2853ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:39 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml; charset=UTF-8
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1407
playback
www.youtube.com/api/stats/ Frame B21C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&fexp=44748969%2C44765701%2C44777649&el=adunit&cpn=A-oY3ROaX_wChUKr&docid=wja09YYz1Oo&visitordata=Cgs5MGRlTHR5NFg2cw%253D%253D&of=-_xhI4eL4MjOL53E0nwGhA&ver=2&cmt=1.150&fmt=18&rt=0.000&adformat=2_2_1&euri=http%3A%2F%2Fwww.lebanonfiles.com%2F&len=32.020&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=109.0.5414.119&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.113.17 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-113-17.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:39 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 4348 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.113.17 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-113-17.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:40 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
pagead2.googlesyndication.com/bg/ Frame 9C64 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Requested by
Host: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Thu, 02 Feb 2023 14:13:46 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
414533
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
Cross-Origin-Resource-Policy
cross-origin
Content-Length
16039
X-XSS-Protection
0
Last-Modified
Mon, 30 Jan 2023 11:38:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="botguard-scs"
Vary
Accept-Encoding
Report-To
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Expires
Fri, 02 Feb 2024 14:13:46 GMT
tracking-event
api.webgains.io/ Frame 8D92 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.113.17 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-113-17.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:40 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.113.17 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-113-17.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:39 GMT
server
nginx
tracking-event
api.webgains.io/ Frame B9CF 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.113.17 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-113-17.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:40 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.113.17 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-113-17.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:39 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 8D92 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.113.17 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-113-17.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:40 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.113.17 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-113-17.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:39 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 4348 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.113.17 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-113-17.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:40 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.113.17 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-113-17.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:39 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 631B 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.113.17 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-113-17.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 07 Feb 2023 09:22:40 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.41.113.17 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-41-113-17.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 07 Feb 2023 09:22:39 GMT
server
nginx
vpaid.js
ad.lkqd.net/vpaid/ Frame 40FF 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:39 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1675761759.cds151.fr8.hn,1675761759.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame A5E0 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Tue, 07 Feb 2023 09:22:40 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1675761760.cds151.fr8.hn,1675761760.cds288.fr8.c
ad
v.lkqd.net/ Frame 40FF 		66 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=11946448&m=&rtv=1&thost=www.lebanonfiles.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
50ebd8c3838683f43eab2f12412d903836ae51b0e811df9e3b7e9161bf00884f

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Feb 2023 09:22:40 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
4163
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=11946448&m=&rtv=1&thost=www.lebanonfiles.com
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Access-Control-Expose-Headers
Content-Type, Content-Disposition
Access-Control-Max-Age
300
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Feb 2023 09:22:40 GMT
Server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9C64 		0
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.554.2&bgai=BlDCwXRjiY9aVJdmbkdUP0vO1qAEAAAAAOAG6BRMIm-mngouD_QIVHpInAh2S8wE0&bg=!z8ylzIjNAAaq5O5FiuQ7ACkAdvg8WtIluAS47VaG9pDzWCLi69xP4OJSpwXaKbUz74GddClS4by1AwIAAABnUgAAAAJoAQcKAK5-JOwfxmfvir9Da9WiQFyQpDhwAMKiFMP9JyJr2YJtD-ZSc6o_03Oy-t4DZCGHTxGFhIM6KAYqCHM708VYmY4IlNL5OaWM9RLhJOHSX7BS95ehPC4RdO0tTKjZG53NZWqT6bEbo-mojbXyqA2kMjMHL6cAns8aPbL0d34de_cbY8MVl1_roJNbKPQFP2F4gKdDuXA_LLBHKI0Vr2NN9Plye9CHCztnMN2CKguQXg6ZAj5FEDCD2LnSjk55Pc6SY7au-bMKEM3d-GXdd0xICX5eh7tHEMAJU9AZLi5tq-YrWBnVs4Z_0ocxomLHEeShh9YPGjLOlwJ-u8MfxJhlqYqNXJ5xp2hF_v9ZB61n0nOHVyvGU3nrSuCXT6dNFr0hFhX2xMCAsi6Rua3qAywBexfjwtW9HZp1GCpdEKnOrOL6OYzVF2OaU7e4MQTQh3Yd3OCVS3EhJ52qcbjI7438kAIq_4NLT7PrzV_qhmM2aRHPL6HWY1w46NMUVEhf0ioE9KG9tAxtgvsfj2Ohm5Of6S-20BpBnGPRRWSQCq1Q9Yrb_5Knat9wAMA9rFNzUIZXmVxBxG02yyZwXrxAXDTRy-Q7CinLOg3QOA6MTa1H7pE6KALd1ZWVvAOq5ywNRLuu7lOyGyq_K07Lz-ISJNc9m14JnFgbQ30tHdIQipCW1myF4qEdmU4XiknX02SgjhEwgyznZQ6hr35yBOSF6k-b99YRV_iSDzafeY01wOsgHSFcRPkrvShCRIkvcla-0HztspdaNEP1bNSzLt-Z4Uq_L3bpRnyOF86FVj5ToBSEdrLC-AVAQZmA9Fhz0HPjIDMLubhTkZTRhs9tLZHvjH2CxdoVs1rotTnI9BQPEbk_7rbgzaJMkz_P2vJBV7k9ly5eUuOCUBFDkFFrxZTuy1hNOrkRumho8MNlBJBefk6z5JAEyd75mM6Iq85vWkYO0CoNX3K-CPFzNF4o5yWZucO4fCUMyGAMkbCAtRiNnx17mx_B
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:40 GMT
X-Content-Type-Options
nosniff
Server
cafe
Content-Type
image/gif
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cs
cs.lkqd.net/ Frame A5E0
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b16571c8-fb10-403c-8214-c696ae2c932f
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b16571c8-fb10-403c-8214-c696ae2c932f
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=b16571c8-fb10-403c-8214-c696ae2c932f
date
Tue, 07 Feb 2023 09:22:40 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame A5E0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame A5E0 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame A5E0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:40 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame A5E0
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:40 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Date
Tue, 07 Feb 2023 09:22:40 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:40 GMT
server
nginx
t
t.lkqd.net/ Frame 4884 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C11757555932171898890112361554,,&tg_c.language=es&width=400&height=225
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.159.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-159-169.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:40 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
tag
4cywq-eqnre.ads.tremorhub.com/ad/ 		119 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fwww.lebanonfiles.com%2F&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C18651336802171898890112361554%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:1473:79ff:9ba3:468f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:40 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
http://www.lebanonfiles.com
content-type
text/xml;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
av
vidoomy-d.openx.net/v/1.0/ 		48 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&cb=378649969&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C2171898890112361554119542558,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:40 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ 		65 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ 		65 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=http%3A%2F%2Fwww.lebanonfiles.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7439281&_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C2171898890112361554823797473,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.139 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-139.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 07 Feb 2023 09:22:40 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1675761760300094-501
Expires
Tue, 07 Feb 2023 09:22:40 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:40 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:40 GMT
server
nginx
t
t.lkqd.net/ Frame 4884 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 4884 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:40 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame 8CFF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=17245418&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
63177790a825e26ecb26cc0544a1a7df7dc9a60d808c010dbe642132e6565115

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:41 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml; charset=UTF-8
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1410
vpaid.js
ad.lkqd.net/vpaid/ Frame EAF8 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:41 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1675761761.cds151.fr8.hn,1675761761.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame 3139 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Tue, 07 Feb 2023 09:22:41 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1675761761.cds151.fr8.hn,1675761761.cds288.fr8.c
ad
v.lkqd.net/ Frame EAF8 		57 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=17245418&m=&rtv=1&thost=www.lebanonfiles.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
aebdc69c8dd4d0029a43ed0c154d94bcd32324f53074b7d5be8f9d9e2d48e022

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Feb 2023 09:22:41 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3851
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=17245418&m=&rtv=1&thost=www.lebanonfiles.com
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Access-Control-Expose-Headers
Content-Type, Content-Disposition
Access-Control-Max-Age
300
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Feb 2023 09:22:41 GMT
Server
nginx
cs
cs.lkqd.net/ Frame 3139
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e8ec2a5d-a3e7-48c1-a8ad-b907b6aadfa5
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e8ec2a5d-a3e7-48c1-a8ad-b907b6aadfa5
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:41 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=e8ec2a5d-a3e7-48c1-a8ad-b907b6aadfa5
date
Tue, 07 Feb 2023 09:22:41 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 3139 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:41 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 3139 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:41 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 3139
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:41 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 3139
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:41 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Date
Tue, 07 Feb 2023 09:22:41 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame 07A3 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:41 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:41 GMT
server
nginx
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C13883068978715394476512682163,,&tg_c.language=es&width=400&height=225
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.159.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-159-169.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:41 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
tag
4cywq-eqnre.ads.tremorhub.com/ad/ 		119 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fwww.lebanonfiles.com%2F&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C20755820508715394476512682163%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:1473:79ff:9ba3:468f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:41 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
http://www.lebanonfiles.com
content-type
text/xml;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
av
vidoomy-d.openx.net/v/1.0/ 		48 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&cb=1389911162&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C8715394476512682163490938246,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:41 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ 		65 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ 		65 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=http%3A%2F%2Fwww.lebanonfiles.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame B21C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssW6KhtCalSv5j6aWYRp_urVcbsKD6PnaVvvEC2vePFD_zKJ69dkZxR55eQJ7vSNvOlOcGho2DBx8ouY-DVuPTR6wm2MWxoj1uUjH2qGTsyuIhjbXdOccPC2-2LvMDbXqfzWCExL6hzvwbNnvo1TNzwj9TXemcbv57B&sai=AMfl-YRMlgkZ1VPl7miUBpzWDkVff3bX6RhHmfI3XGiHSe9F5qBQ5tQ3zk0qCkcmoxdDQyNgLdI0lSKn9oDtOVqZh1ILbAmfP1vsdfAX34oJ6MFz6-kMeFgWVUwfC8A&sig=Cg0ArKJSzEkWcFIGtwFWEAE&cid=CAQSOwDUE5ym951mMhzjJdzLfiJeJ16r4fDaARsfvaDYGr6HBvWvUM9_71VmN9uz8_qY7-YSi5dNVm0YU8j5GAE&id=lidarv&acvw=sv%3D947%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D920,1280,1100,1600%26tos%3D2030,0,0,0,0%26mtos%3D2030,2030,2030,2030,2030%26amtos%3D0,0,0,0,0%26mcvt%3D2030%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3283%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1658%26pst%3D1463%26dur%3D32020%26vmtime%3D3131%26dtos%3D2030%26dtoss%3D1%26dvs%3D2030%26dfvs%3D2030%26dvpt%3D3273%26is%3D33554707%26i0%3D33554450%26ic%3D16777473%26cs%3D50336019%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D0%26ces%26femt%3D1041%26femvt%3D0%26emc%3D15%26emuc%3D0%26emb%3D12,0,0,0,0%26avms%3Dexc%26qi%3D616007436%26psm%3D-2147483634%26psv%3D14%26psfv%3D14%26psa%3D0%26ptlt%3D5233%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2030&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1675761758144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:41 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:41 GMT
server
nginx
t
t.lkqd.net/ Frame 07A3 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:41 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 07A3 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:41 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
ad
v.lkqd.net/ Frame 8CFF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=21002306&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
d13d86bb57a7f0886d8de68ce1e2e2e1109f8eee768438c857fef5a080f61ae4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:42 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml; charset=UTF-8
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1411
vpaid.js
ad.lkqd.net/vpaid/ Frame 3863 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:42 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1675761762.cds151.fr8.hn,1675761762.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame 9FC4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Tue, 07 Feb 2023 09:22:42 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1675761762.cds151.fr8.hn,1675761762.cds288.fr8.c
ad
v.lkqd.net/ Frame 3863 		50 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=21002306&m=&rtv=1&thost=www.lebanonfiles.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
8d77e38aa42ff96c2dcca03eff38acec1bcadf1ecfc7b292949724dbec3a1000

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Feb 2023 09:22:42 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3843
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=21002306&m=&rtv=1&thost=www.lebanonfiles.com
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Access-Control-Expose-Headers
Content-Type, Content-Disposition
Access-Control-Max-Age
300
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Feb 2023 09:22:42 GMT
Server
nginx
cs
cs.lkqd.net/ Frame 9FC4
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=7f259071-9671-4e0c-84fb-b0b7a23de724
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=7f259071-9671-4e0c-84fb-b0b7a23de724
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=7f259071-9671-4e0c-84fb-b0b7a23de724
date
Tue, 07 Feb 2023 09:22:42 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 9FC4 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 9FC4 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 9FC4
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 9FC4
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:42 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Date
Tue, 07 Feb 2023 09:22:42 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame 98ED 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:42 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:42 GMT
server
nginx
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C7393589954958688171631533541,,&tg_c.language=es&width=400&height=225
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.159.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-159-169.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:43 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
tag
4cywq-eqnre.ads.tremorhub.com/ad/ 		119 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fwww.lebanonfiles.com%2F&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C8462458804958688171631533541%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:1473:79ff:9ba3:468f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:43 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
http://www.lebanonfiles.com
content-type
text/xml;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
av
vidoomy-d.openx.net/v/1.0/ 		48 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&cb=779799326&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C49586881716315335411248871876,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:43 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ 		65 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ 		65 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=http%3A%2F%2Fwww.lebanonfiles.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:43 GMT
server
nginx
t
t.lkqd.net/ Frame 98ED 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:43 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 98ED 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:43 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:43 GMT
server
nginx
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame B21C 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=CdZzxXRjiY9aVJdmbkdUP0vO1qAGwjbeGbpPh98ySEcSZ-oO2CRABIJ-X_GJglcKmgrAHoAGcr_uoAsgBBeACAKgDAZgEAKoEqQJP0PXKUJ-cxvvKRGN-QiTGBUlec5cvMNYVrbOOwNSAwGF9rMgUjccu--OqUGW9l1xUnEny1g8JFxRinl8C6i-YPFmJUQ2xNHSmqstIbv3smnF6BpVkD8zhz_TqW2mqcvxBmxGsEIscQS0L_Phz8YpPnBBolLCf4zx3PzBpS4BqofSvz1kwtyo2-Ulx5zYeaBksBGfrvesn_aRN_GmnzbNUMiWBhVNlu1TZO0AGyTozudSsn4aoGPOEyzwhNJg85lYXmulUIZZgMQwM13PPEJPmBHuzNqeLL28PVnBDYt8gXftE4TKLbVB1ZSjFRAPRCVCmOHx72BB9tPyHadZTPkcenaKwcNHtUZw_UMEbvnon_0dC2QKaQxYrhDqwkuiH9B-r88EBt5VLt2HABO6lyvSSBOAEAaAGVIAHzNCE1wGoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=FLcSjmw7LQs&cmd=Ch1jYS12aWRlby1wdWItMzE5MTI4OTg4MjA0NTE1NRAAGAI&label=video_skip_shown&ad_mt=5256&acvw=sv%3D947%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D920,1280,1100,1600%26p0%3D3462,440,3867,1160%26tos%3D4050,0,0,0,0%26mtos%3D4050,4050,4050,4050,4050%26amtos%3D0,0,0,0,0%26mcvt%3D4050%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5303%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D2260%26pst%3D1463%26dur%3D32020%26vmtime%3D5256%26is%3D33554707%26i0%3D33554450%26cs%3D50336019%26c%3D1%26c0%3D0%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D4050,4050,4050,4050,4050%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D0%26ces%26femt%3D1041%26femvt%3D0%26emc%3D25%26emuc%3D0%26emb%3D22,0,0,0,0%26avms%3Dexc%26qi%3D616007436%26psm%3D-2147483586%26psv%3D62%26psfv%3D62%26psa%3D0%26ptlt%3D7253%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,4050%26ss0%3D0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1675761758144
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:43 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
v.lkqd.net/ Frame 8CFF 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=12283313&m=
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
2f2ef50d66b4f64c717b9a421b38c20fc576c03f9d3847bad471e7db8424ecd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 09:22:43 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/xml; charset=UTF-8
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1406
vpaid.js
ad.lkqd.net/vpaid/ Frame 5173 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/formats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:44 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 21:01:07 GMT
etag
"88ca76abee51b1544e17b021f04aaaed"
x-hw
1675761764.cds151.fr8.hn,1675761764.cds333.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1209600
accept-ranges
bytes
content-length
62021
usync.html
ad.lkqd.net/cookie-sync/ Frame 189D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.lkqd.net/cookie-sync/usync.html
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
/
Resource Hash
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
1882
content-type
text/html
date
Tue, 07 Feb 2023 09:22:44 GMT
etag
"952dcfd8e3703b5a7e78418d51009535"
last-modified
Fri, 18 Feb 2022 17:38:44 GMT
x-hw
1675761764.cds151.fr8.hn,1675761764.cds288.fr8.c
ad
v.lkqd.net/ Frame 5173 		57 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=12283313&m=&rtv=1&thost=www.lebanonfiles.com
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
9045f67eeee39ad9304a630eccb3e2b16be03e3d8320177eac461bb64380ec64

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 07 Feb 2023 09:22:44 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
3847
ad
v.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=12283313&m=&rtv=1&thost=www.lebanonfiles.com
Protocol
HTTP/1.1
Server
146.20.132.107 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
http://www.lebanonfiles.com
Access-Control-Expose-Headers
Content-Type, Content-Disposition
Access-Control-Max-Age
300
Cache-Control
max-age=300
Connection
keep-alive
Content-Length
0
Date
Tue, 07 Feb 2023 09:22:44 GMT
Server
nginx
cs
cs.lkqd.net/ Frame 189D
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
  • https://cs.lkqd.net/cs?partnerId=54&partnerUserId=25fd2c88-fb01-410a-86df-1701494c78dc
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=25fd2c88-fb01-410a-86df-1701494c78dc
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:44 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=54&partnerUserId=25fd2c88-fb01-410a-86df-1701494c78dc
date
Tue, 07 Feb 2023 09:22:44 GMT
server
_
content-length
0
cs
cs.lkqd.net/ Frame 189D 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:44 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 189D 		43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:44 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43
cs
cs.lkqd.net/ Frame 189D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=65
  • https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:44 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

location
https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2996705659344201431
pragma
no-cache
date
Tue, 07 Feb 2023 09:22:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cs
cs.lkqd.net/ Frame 189D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=161
  • https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
43 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/cookie-sync/usync.html
Protocol
H2
Server
146.20.132.150 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ad.lkqd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 09:22:44 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

Location
https://cs.lkqd.net/cs?partnerId=93&partnerUserId=ULh9u8ctRLBbII-VliKxE1D_B2c
Date
Tue, 07 Feb 2023 09:22:44 GMT
Connection
keep-alive
Content-Length
104
Content-Type
text/html; charset=utf-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:44 GMT
server
nginx
t
t.lkqd.net/ Frame 725A 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:44 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
vast.xml
optimized-by.rubiconproject.com/a/api/ 		28 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24386&site_id=416676&zone_id=2350390&size_id=201&p_aso.video.protocols=2,5,3,6,7,8,11,12,13,14&p_aso.video.maxduration=30&p_aso.video.playbackmethod=2&p_aso.video.api=2&gdpr=&gdpr_consent=&rp_schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C19005533471983860412948609070,,&tg_c.language=es&width=400&height=225
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.159.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-159-169.eu-central-1.compute.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:44 GMT
server
nginx/1.21.4
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
tag
4cywq-eqnre.ads.tremorhub.com/ad/ 		119 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4cywq-eqnre.ads.tremorhub.com/ad/tag?adCode=4cywq-7ivfu&playerWidth=400&playerHeight=225&srcPageUrl=http%3A%2F%2Fwww.lebanonfiles.com%2F&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C2111617011983860412948609070%2C%2C
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:1473:79ff:9ba3:468f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:44 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
http://www.lebanonfiles.com
content-type
text/xml;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
av
vidoomy-d.openx.net/v/1.0/ 		48 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&cb=1740372983&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C57465%2C1%2C19838604129486090701260393555,,
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
http://www.lebanonfiles.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ 		65 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&url=http%3A%2F%2Fwww.lebanonfiles.com%2F&t=2
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
/
adx.adform.net/adx/ 		65 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=970530&t=2&url=http%3A%2F%2Fwww.lebanonfiles.com%2F
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.lebanonfiles.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 07 Feb 2023 09:22:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
http://www.lebanonfiles.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
t
t.lkqd.net/ Frame 725A 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:45 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 725A 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Requested by
Host: ad.lkqd.net
URL: https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
http://www.lebanonfiles.com
date
Tue, 07 Feb 2023 09:22:45 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain; charset=UTF-8
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:44 GMT
server
nginx
t
t.lkqd.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.lkqd.net/t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.20.132.133 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://www.lebanonfiles.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-origin
http://www.lebanonfiles.com
access-control-expose-headers
Content-Type, Content-Disposition
access-control-max-age
300
cache-control
max-age=300
content-length
0
content-type
text/plain; charset=UTF-8
date
Tue, 07 Feb 2023 09:22:44 GMT
server
nginx
ad
v.lkqd.net/ Frame 8CFF 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
t.effectivemeasure.net
URL
https://t.effectivemeasure.net/tag.js?1675
Domain
www.lebanonfiles.com
URL
http://www.lebanonfiles.com/
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Domain
t.lkqd.net
URL
https://t.lkqd.net/t
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEK2U7A5lkMowhpoJ1D-Yzyo&google_cver=1&google_push=Aa02lx8HkSIJqQxi98wjUjAOBL3tqm3PdYFYHASK9XOHlabZIlQ209sagBT8H-8gmNWigh9pj_XRAmd3-Dz815_ev8e6IEJdP1gmu_NO
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEK2U7A5lkMowhpoJ1D-Yzyo&google_cver=1&google_push=Aa02lx_7O5QnEppAZFiJ5ZXDjqmMv4L9Sh7aeML0ll0qAqV_ZQgeOVCnA60EJ2crAZyapYQ24Dg4_k1VtUJQJXJjVlBWPLBo6ZZV4gm1
Domain
v.lkqd.net
URL
http://v.lkqd.net/ad?pid=430&sid=1115698&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=0&gdprcs=&pageurl=http%3A%2F%2Fwww.lebanonfiles.com%2F&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C57465%2C1%2C&c4=true&c5=&c6=57465&c10=&c11=true&c12=&c13=true&c14=&c15=true&c16=&c17=true&rnd=48011102&m=

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| oncontentvisibilityautostatechange object| __cfQR object| __cfBeacon undefined| $ function| jQuery object| TMNCWP object| $jscomp$this function| anime function| Plyr function| IScroll function| Swiper function| gtag object| dataLayer object| _Hasync function| documentInitOneSignal function| OneSignal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| callPlayers function| __tcfapi_8928924878912 object| vpaidLoader object| google_tag_manager object| TWAGORAINARTICLE object| pbjs object| googletag object| AD_UNITS_TOGGLE_OFF object| AD_UNITS_TOGGLE_ON object| gptAdSlots object| regeneratorRuntime object| Leya object| streamamp object| triple13 string| em_ns function| _em object| google_tag_data string| GoogleAnalyticsObject function| ga object| AdSlotCollection object| __tgconf function| __tginitcb function| chfh function| chfh2 string| _HST_cntval object| Histats object| mc function| $mcj object| fnames object| ftypes object| runtime function| setImmediate function| clearImmediate object| wpcf7 function| renderInvisibleReCaptcha object| gaplugins object| gaGlobal object| gaData function| SimpleBar object| lbfscripts function| getUrlParameter function| setUrl function| setCookie function| getCookie function| getHourlyNewsAjax function| isValidEmailAddress function| showCoverageLetters function| newsletterPopupRegister object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe boolean| __cfRLUnblockHandlers function| _extends function| _typeof function| LazyLoad function| ES6Promise function| FuckAdBlock object| fuckAdBlock object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| FB object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| player object| __oa360ScriptsState boolean| __isGoogleAllowed object| pbjs325474 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| iFrameResize object| ProjectAgora function| addcss string| ExitBeeObject function| xtb function| pbjsChunk object| _pbjsGlobals number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 function| onYouTubeIframeAPIReady object| __buffer object| GoogleGcLKhOms object| _HistatsCounterGraphics_0_setValues object| pbjs325474Chunk object| ADAGIO object| recaptcha object| xtbClient object| lkqd object| mobile_blocked_mfs function| lkqd_http_response number| adRefreshTimer function| createGeoRestrictionCookie object| _mappingResponses object| __iat_api object| __tgunits object| aries number| vidverto object| aries_registry function| IMA function| VidvertoPlayer object| _aries object| _google_rum_ns_ function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent function| inView function| VASTClient object| vidvertoPromiseCache object| closure_lm_331329 object| inViewWindow function| VidvertoPlayerVideoPlaylistUI object| closure_lm_357718 object| closure_lm_585283 function| arrive function| unbindArrive function| leave function| unbindLeave

90 Cookies

Domain/Path Name / Value
.tesseradigital.com/ Name: tpuuid
Value: wen9oYxK6bAb5w5BdficTU0KcQ3myVg3meKA7KxEYaIo
www.lebanonfiles.com/ Name: HstCfa1238494
Value: 1675761753019
www.lebanonfiles.com/ Name: HstCla1238494
Value: 1675761753019
www.lebanonfiles.com/ Name: HstCmu1238494
Value: 1675761753019
www.lebanonfiles.com/ Name: HstPn1238494
Value: 1
www.lebanonfiles.com/ Name: HstPt1238494
Value: 1
www.lebanonfiles.com/ Name: HstCnv1238494
Value: 1
www.lebanonfiles.com/ Name: HstCns1238494
Value: 1
.lebanonfiles.com/ Name: _gid
Value: GA1.2.1696841188.1675761753
.lebanonfiles.com/ Name: _gat_gtag_UA_60620050_1
Value: 1
.bidswitch.net/ Name: tuuid
Value: 7b98b217-8a90-4507-852e-bd18524b0892
.bidswitch.net/ Name: c
Value: 1675761753
.bidswitch.net/ Name: tuuid_lu
Value: 1675761753
.yahoo.com/ Name: A3
Value: d=AQABBFkY4mMCEKU0SYupxrG29c-3WmZvUawFEgEBAQFp42PrYwAAAAAA_eMAAA&S=AQAAAq9i0WfcbEbtHpqjkH2rMVY
.lebanonfiles.com/ Name: _ga_G4EQ7NKTZM
Value: GS1.1.1675761753.1.0.1675761753.0.0.0
.lebanonfiles.com/ Name: _ga
Value: GA1.1.523928778.1675761753
.lebanonfiles.com/ Name: __gpi
Value: UID=00000bb13dbe94f4:T=1675761753:RT=1675761753:S=ALNI_Maxx7Hjhh_9da5la1oXmHj7_VgQWg
.lebanonfiles.com/ Name: _sharedID
Value: 4b9ae9a9-297d-4e21-bdb5-500a0f1d1e2a
.ads.stickyadstv.com/ Name: UID
Value: 606ca945a87f95196b14c73aadf71e
.mathtag.com/ Name: uuid
Value: 817463e2-1859-4800-b13f-de4fed3864eb
.insurads.com/ Name: ___iat_gid
Value: 01453D0F6A0C04E2
www.lebanonfiles.com/ Name: Exitbee_vid
Value: 872b6565-7df5-4ddd-9499-ae6f1764b0f0
www.lebanonfiles.com/ Name: Exitbee_sessionCampaigns
Value: []
www.lebanonfiles.com/ Name: Exitbee_nrPagesVisited
Value: 0
www.lebanonfiles.com/ Name: Exitbee_visitsCount
Value: 1
www.lebanonfiles.com/ Name: Exitbee_source
Value:
.turn.com/ Name: uid
Value: 2996705659344201431
www.lebanonfiles.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.lebanonfiles.com/ Name: _pubCommonId
Value: cdb1786b-a05f-4914-b50d-36167dc26fd6
www.lebanonfiles.com/ Name: __oagr
Value: true
.lebanonfiles.com/ Name: ___iat_ses
Value: 01453D0F6A0C04E2
.lebanonfiles.com/ Name: ___iat_vis
Value: 01453D0F6A0C04E2.01b252f7b1c688b97b62314ec5bfc24b.1675761753934.cd5fa8e2b2144af6bf1131e2f266b2cd.AUUEIZEBOM.11111111.1.0
.vidoomy.com/ Name: vidoomy-uids
Value: eyJ1aWRzIjp7IkJTIjp7InVpZCI6IjdiOThiMjE3LThhOTAtNDUwNy04NTJlLWJkMTg1MjRiMDg5MiIsImV4cGlyZXMiOjE2NzgzNTM3NTR9LCJZQUgiOnsidWlkIjoieS03Z0hSLkoxRTJ1RnlmUDNkV0VQUXhTcFBad2NHSzdfTG82N3p6Mm8tfkEiLCJleHBpcmVzIjoxNjc4MzUzNzUzfX19
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-50b87dbb-c72d-44b0-5b20-8f959622b113.kLQItQoJn6PJw4nYMDcXrgvoi5cYmJtkgohTdX8lTnY
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AULh9u8ctRLBbII-VliKxE1D_B2c.%2Bu0VBBLnJvWFFR7hg3rT2iC5%2FWdC4NaS5nyMYw1kdsQ
.rubiconproject.com/ Name: khaos
Value: LDU1A530-22-E66F
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrEse30kdjuMjJyJWsUz7C058hVZnsEkaPVlKW6x8EmB7jdmUFKLGliFcm19Hofba1o2B05UvZjL+go3qk0EBdLsqlSNZOaaDQ=
.doubleclick.net/ Name: IDE
Value: AHWqTUnUy0qtja8qK8pWSOpbn-mFrjUOuPMRRtdDtvn-VJPcNk_CkI71uUxKeAFVF6M
.lebanonfiles.com/ Name: __gads
Value: ID=0900775d8e88bcd6-221f379aa2db0021:T=1675761753:S=ALNI_MawDrq73fn4x63s9kq8mAxZwuW2DA
.analytics.yahoo.com/ Name: IDSYNC
Value: "1982~29ux:18yx~29ux"
.3lift.com/ Name: tluid
Value: 557515911976382975522
.quantserve.com/ Name: d
Value: EC4BCQGeKIEA
.quantserve.com/ Name: mc
Value: 63e2185c-0c45a-60aed-db05c
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22CB31B9AF-AA2A-4D86-9AB9-881C34C195A5%22%7D
.mathtag.com/ Name: mt_mop
Value: 4:1675761756
.adfarm1.adition.com/ Name: UserID1
Value: 7197341937911199893
.adnxs.com/ Name: uuid2
Value: 2732121254786038173
.simpli.fi/ Name: suid
Value: 5BCC59C25B8B4F51BF98675D595522A5
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.ctnsnet.com/ Name: gid_CAESEIdpFSniZmQmD2Rkh_VkScc
Value: 1
.casalemedia.com/ Name: CMID
Value: Y.IYXJahVj7h3mo3JgEwQwAA
.casalemedia.com/ Name: CMPS
Value: 1178
.casalemedia.com/ Name: CMPRO
Value: 1178
.de17a.com/ Name: guid
Value: 1.5869873391521915319
.w55c.net/ Name: wfivefivec
Value: Eo0xvlbv1Ppkbq5
.360yield.com/ Name: tuuid
Value: 299986e3-3994-4d25-b7c9-1ef9b566d386
.360yield.com/ Name: tuuid_lu
Value: 1675761756
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y_IYXAAAAIiyTgAF
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 98BFC53D-D41D-445A-8B80-9C770FF8386C
.adform.net/ Name: uid
Value: 6581706990532047360
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3593d9ee-e5b1-44a7-8e7e-e9a804fe6201-003%22%7D
.w55c.net/ Name: matchgoogle
Value: 5
.lijit.com/ Name: ljt_reader
Value: GHbSDGZHTiizMHpOREetfWxO
.ctnsnet.com/ Name: cid
Value: ce81a2145d1f4dc9b0bb2414c08f0d3e
.sportradarserving.com/ Name: zuuid
Value: c674d416-b260-42c6-b456-c7fb4ce85264
.sportradarserving.com/ Name: c
Value: 1675761756
.sportradarserving.com/ Name: zuuid_lu
Value: 1675761756
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3593d9ee-e5b1-44a7-8e7e-e9a804fe6201-003%22%7D
pool.admedo.com/ Name: tuuid
Value: 29ad7709-a9c6-4fe9-943e-d73342d62aaf
pool.admedo.com/ Name: c
Value: 1675761756
pool.admedo.com/ Name: tuuid_lu
Value: 1675761756
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1675761756
.tribalfusion.com/ Name: ANON_ID
Value: aCnseFO5nP97PRo7UVbsZdtNYYrNZcdYkaCoMrPe8slEShIjQBrTTTlcRHSjXEfSngJK3MTgTYNIWR3XJGlRNu
ad.vidverto.io/ Name: moxuuid
Value: 9c257562-7b86-4e18-a49f-cdc11abc2e98
www.conrad.de/ Name: CEAffHA
Value: YD
.awin1.com/ Name: awpv14098
Value: 412871|1675761757|f68dc6b0-a6c8-11ed-a333-22367016dc88
.awin1.com/ Name: awpv11354
Value: 412871|1675761757|f6971580-a6c8-11ed-acb0-22645d5ed731
.www.conrad.de/ Name: __cf_bm
Value: ID5GbHwEkcIbyCEK4eyG5SzimkJMM6wOz_3IDc0CWQs-1675761757-0-AXLIwOhalbmjLw7n5trN0JKV1DUguhcsKXb32BPdibH3z9oXKcm/ngSXQUJAVF0TvC7k89I1ERe4Z12TtCz+o4I=
.awin1.com/ Name: awpv20044
Value: 412871|1675761757|f6a06450-a6c8-11ed-acb0-22645d5ed731
.awin1.com/ Name: awpv11938
Value: 412871|1675761757|f6a0d980-a6c8-11ed-acb0-22645d5ed731
.awin1.com/ Name: AWSESS
Value: 367022:2542680
www.conrad.de/ Name: HTLP_timestamp
Value: 1675761758
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1675761757_f6a0d980-a6c8-11ed-acb0-22645d5ed731%22%2C%22sp%22%3A%22awin%22%7D
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY3NTc2MTc1OHZsZWExZGUyMDIzMDIwNzEwMjIzODgxMzU2NzU1NTM1WDExNzY3OVYxMjI2MTMyNzAyTVN2aWV3b25laWRra0RhNWYzZmtRMXU0SHdIZXRCdFZWV2ZaU2pUbW1BYTkxWWVvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTc2Nzk
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023020710223881356755535X117679V1226132702MSviewoneidkkDa5f3fkQ1u4HwHetBtVVWfZSjTmmAa91Yeoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY3NTc2MTc1OHZsZWExZGUyMDIzMDIwNzEwMjIzODgxMzU2NzU1NTM1WDExNzY3OVYxMjI2MTMyNzAyT
.ads.stickyadstv.com/ Name: pxId
Value: 7169
.csync.loopme.me/ Name: viewer_token
Value: 25fd2c88-fb01-410a-86df-1701494c78dc

12 Console Messages

Source Level URL
Text
network error URL: https://t.effectivemeasure.net/tag.js?1675
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: http://www.lebanonfiles.com/
Message:
Access to XMLHttpRequest at 'http://www.lebanonfiles.com/' (redirected from 'https://www.lebanonfiles.com/wp-admin/admin-ajax.php?action=get_breaking_news&nonce=90f1e20079') from origin 'http://www.lebanonfiles.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: http://www.lebanonfiles.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://analytics.leya.tech/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://analytics.leya.tech/events
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEK2U7A5lkMowhpoJ1D-Yzyo&google_cver=1&google_push=Aa02lx8HkSIJqQxi98wjUjAOBL3tqm3PdYFYHASK9XOHlabZIlQ209sagBT8H-8gmNWigh9pj_XRAmd3-Dz815_ev8e6IEJdP1gmu_NO
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEK2U7A5lkMowhpoJ1D-Yzyo&google_cver=1&google_push=Aa02lx_7O5QnEppAZFiJ5ZXDjqmMv4L9Sh7aeML0ll0qAqV_ZQgeOVCnA60EJ2crAZyapYQ24Dg4_k1VtUJQJXJjVlBWPLBo6ZZV4gm1
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 469)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
other error URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html#goog_1238921891
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 469)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
other error URL: http://imasdk.googleapis.com/js/core/bridge3.554.2_en.html#goog_1186854400
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.
other error URL: http://tpc.googlesyndication.com/sodar/hhrtBw21.html
Message:
The Cross-Origin-Opener-Policy header has been ignored, because the URL's origin was untrustworthy. It was defined either in the final response or a redirect. Please deliver the response using the HTTPS protocol. You can also use the 'localhost' origin instead. See https://www.w3.org/TR/powerful-features/#potentially-trustworthy-origin and https://html.spec.whatwg.org/#the-cross-origin-opener-policy-header.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4cywq-eqnre.ads.tremorhub.com
a.sportradarserving.com
a.tribalfusion.com
a.vidoomy.com
acdn.adnxs.com
ad.doubleclick.net
ad.lkqd.net
ad.turn.com
ad.vidverto.io
ad4m.at
ads.stickyadstv.com
ads.travelaudience.com
ads.vidoomy.com
adservice.google.com
adservice.google.de
adsparc-d.openx.net
adx.adform.net
aghtag.tech
analytics.leya.tech
analytics.webgains.io
ap.lijit.com
api.floors.dev
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
bb7633f1687959cdfd8cc33ce89d8b61.safeframe.googlesyndication.com
bgstats.mox.tv
biddr.brealtime.com
c1.adform.net
cdn.bidder.dev
cdn.exitbee.com
cdn.insurads.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.track.production.webgains.team
cdn.vidverto.io
cm.g.doubleclick.net
cmp.optad360.io
cms.quantserve.com
connect.facebook.net
cs.lkqd.net
csi.gstatic.com
csync.loopme.me
d5p.de17a.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
eb2.3lift.com
fd.tesseradigital.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
get.optad360.io
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hb.emxdgt.com
htagpa.tech
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
lebanonfiles.com
match.360yield.com
match.adsrvr.org
odr.mookie1.com
onesignal.com
onetag-sys.com
optimized-by.rubiconproject.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pubads.g.doubleclick.net
region1.google-analytics.com
rr1---sn-4g5lzned.googlevideo.com
rtb.openx.net
s.ad.smaato.net
s.exitbee.com
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s3.amazonaws.com
s4.histats.com
secure.adnxs.com
securepubads.g.doubleclick.net
services.insurads.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.effectivemeasure.net
t.lkqd.net
tpc.googlesyndication.com
tpx.tesseradigital.com
track.webgains.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
v.lkqd.net
vidoomy-d.openx.net
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.lebanonfiles.com
www.telefonica-partner.de
www.youtube.com
x.bidswitch.net
googlecm.hit.gemius.pl
pagead2.googlesyndication.com
t.effectivemeasure.net
t.lkqd.net
v.lkqd.net
www.lebanonfiles.com
104.17.120.107
104.96.128.226
13.224.189.29
13.248.245.213
13.41.113.17
138.199.37.225
142.250.185.130
146.20.132.107
146.20.132.133
146.20.132.150
149.56.240.31
15.197.193.217
151.101.193.108
151.101.194.49
151.139.128.10
167.71.9.19
172.217.19.102
172.64.154.237
18.156.0.31
18.158.141.17
18.158.219.34
18.168.165.36
18.196.91.239
18.66.15.16
185.132.133.134
185.180.223.225
185.29.134.248
185.86.139.103
185.89.210.153
185.89.211.12
190.2.151.10
198.47.127.19
2.18.79.139
2001:4860:4802:34::36
209.191.163.209
213.155.156.184
213.19.147.44
2600:1901:0:76b9::
2600:1f18:612b:4200:1473:79ff:9ba3:468f
2600:9000:206f:9400:11:a4de:2580:93a1
2600:9000:206f:dc00:11:a4de:2580:93a1
2600:9000:2138:e400:6:b871:4f00:93a1
2600:9000:223f:1000:1b:5138:8a40:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:a47
2606:4700:20::681a:b47
2606:4700:20::ac43:441e
2606:4700:20::ac43:4a81
2606:4700:3030::6815:1b4
2606:4700:3034::6815:4466
2606:4700:3037::ac43:c1e6
2606:4700::6810:3865
2606:4700::6810:5714
2606:4700::6812:19ad
2606:4700::6812:7f05
2606:4700::6812:e134
2607:f8b0:4000:81c::2003
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:13::6
2a00:1450:4001:800::200e
2a00:1450:4001:803::2004
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2006
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9a
2a00:1450:400d:806::2002
2a00:1450:400d:806::2003
2a00:1450:400d:808::2002
2a00:1450:400d:80c::2001
2a02:fa8:8806:16::1370
2a03:2880:f02d:12:face:b00c:0:3
2a05:d018:d29:3602:d8ac:1edd:aee1:32b6
2a06:98c1:3121::3
3.122.47.214
3.19.54.139
3.69.180.66
34.160.128.112
34.91.62.186
34.96.69.62
34.98.64.218
34.98.67.61
35.157.179.180
35.186.193.173
35.186.253.211
35.190.0.66
35.210.53.219
35.214.223.115
35.244.145.108
35.244.159.8
37.157.2.234
37.157.3.28
44.205.108.144
46.105.201.240
46.228.164.11
51.89.9.252
52.216.240.78
52.57.159.169
52.58.133.213
52.59.113.250
54.90.58.187
69.173.144.139
84.200.5.215
85.114.159.93
87.118.116.9
88.99.63.132
95.100.75.47
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02bd577035baf8b157e0ba285776fbe8703bddbf1203f719f3a03ae862383622
02d1c775a4940118a6bf8b19653a2ebc8b2eb7a3e9d564b8715e86bf00f00c6c
0451110954dd2b81e061876f173b9c1244abbc66a3aadf2687dea0c0164aad1f
047ff5fbeada0eee8bd18419654f8b2d775835a291a93b99312cded159c254e9
04a436758e8992373a49eb612d5b5f54a6fe9e6b1aedab24b510411630fa99b8
04db1928cac9786ab103fd8921943f73e1e58330f9894c7b908cb9d6b962da4b
05c2dd0672ba3f44ee8ef4c238f92a610dfd4d9aee27f17e46f4bf0d4dd4bf5c
06e30a4ff3956e1831c687d46b06f646bea6f5a9611bb8e51d6f010e95de7ca3
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
07b6f1cd5cb30e9f17a75d91454b63803a6cbab1f543c4227a7cc915bbe18ec7
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a77a9e11a5cb5b3cce39020378236b0fb3797fa850781e19ef7f1c3ed92804d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c0bea7989a24b1f1b762e6dc760d65e38e64c6e590c186d1adbe26b93d7a1ea
0c1a7d249876c734451f6342b725f22cd9ba732fcda22ace0f1a8aada0b191f8
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0da9d3b733e8191902e115d986885acbbcf2af76383dc5baeec2d1cb307b971c
0daf9721063a9c0431d4f2097dd6377d04f83ef93b3802832f1cceed3fd16ce2
0dd780e74ea7f7965574c0188ce56ad267cc1c7baec2c5b99db468769d40eff9
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1012c5eec2349dd545fe96d4e5b113b783457cc3e29939838634f9235ecd097e
113b67a6c606ec83a6481fa747643a4ec2e73f3673c558c7196d4aea1699e045
148a28237ff2f62dd9e5a80c484fd6c542327f720716834c565bbbae08be8e17
1554993bfd6558071bd0f007fbc97c32c540ad0339cdda7a274740b4b214ea7f
17920afba416d14131fa9953f98fd3283fc760b33a8cf681e49b3c486bdd2f20
1a1b0c960c233230b7028ef3149372ee3f0ba68a00f37aa29eda48b4c0c05274
1caae31a6a05aa0be067b968fb12c9421ee72184a2a2db915a54d3330f7be923
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
1f5fc73ab6a0fd76706f860c3e1d5536b800634dfb3f3863142c9f3a30c01887
1f8b8c050b9481a6ec459e18f0a6545294badc0eaebbb96ac6a9e62ec6461d0b
1fac766fdeddd2b5bd333bcea731d81ef25767eb9e0406a6a0aa83541d4b8549
2053a34e459956305e33dc13f642e236359fdd075550cdc4c40f5e70c34914aa
21fdfb102ff72944c5a2aa92c1e06a2fc2cb347327e995a9524d2fea7a105dba
221a085665362b63a3d6e4f6d5274193bbaf0abfc21b46d31371a387759a7532
228f611eb28a75360b3966c50617de0e0a9436cf1316ef1e8c319b3ef8f7696f
231b283ead3f90a234eaf79c7838cdb1cc0bb099eb73f11d7eb11e88390b358d
23e19e7468c1fae67aff80842bacfe5142cdb7568dbdee994712b04f1e8daf26
23ecc166c436d8396527853910d2bd1f042f134209b4e3b0526dd66b67ed8c0a
249024d8bdd95755684a12be868517e2a861b045106cf48fd2864b9cf835bed3
2542b8e4563fdce8192d5e0a873786d54c205d1557fcea2a7382e449c099816c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
29164235a9db440ed1733b10d686718031b14a0b4d17928062a7cbff58dbe81e
2a332e97afb7d1ba0ab7bcbabe4ddffd3434a015b7d50462f05abb08d22cf056
2a8903695e45e5ece3c48e800f5a6b84c5721a34df5cf5107efd3b9eb77b021f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b70bc8468e35f8a98bf9f6aebd2f5a230fcc4b20bc726416e1eefba099d5689
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2c1a2fd55777ecf24486a5434b7287f5da121b1374b387f372e7dce71b8ae88d
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7b572fb8c157fa128e3ca13f7c7f904176c4f59b010a8e498af74cd5891103
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2ec7ef8fc9f795b431b1bc5f8e284ca525ef65fb9580e268a96027e839b7ed06
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f2ef50d66b4f64c717b9a421b38c20fc576c03f9d3847bad471e7db8424ecd0
2f4e452e1e9fefc4ebbd6034f27bfb8fe7a720237db8ef720a75d8a8cff58b34
2fa4334484b61c91ec5fa632b9df577eb89c502f5a75c104c1e848a7410fe710
301a0b0e01efdbd9dc5ae8ea06d49a4058077e1ca1fcd3a50602692b6c7189e8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32dd00604df8db3415240d450341558b6827b1e02dc0f211d8a6d9a4287c522e
33404034c86e16b1af53dfb4b8231e13b4508fc33ec51e21381eb9a99e38b7b8
33d4735efdb9bca9441bba723cf37695228022df7300cabd420dedca99181b5b
356fe773c0f526ef1ce494475576a5121086b575660d0ff46e5a92a8c02bfbdd
361fbd04cca1aba0f89d13e5315d1ab3d8434e0b654501dd6446d854171ea7df
36a230c016cbfa73b8cde325d438bba359537061b3aa7fbd03c2fe43fbe66e76
3780f318d0ccb31946a0772917be4aef32b284013e06db2dd09a5f87c3ad902f
398479678a61a08fb0c4c6608eb274f3ff3900e40d6008f5d4b90c8d06efd331
39973d5b491c08f9acdba2126c4490241c7be3ff921ccd55da80e2581671cdd8
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3afad25af29a994937e27cc69012b883d167810e96ced87d1f995f927654b775
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
3f2e7ed2419fd15df10aa7286b038bfd905310bc5c3097d078990e88eb3069d0
400c031b3f3f33060b58a001393f6929ca5805005e2c600c2226390786bdec3d
401322bc63046615783e0c917807bb0f898efa0b5ecc2fc4d18673ebc81f695b
418c1cc5e3fe5dab64df68fee91403c4af6a0b5ee68f12c2717956b216b08b8b
426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37
42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
43db761b6e5253d5479c087db43a7b7259bf90750ed5a0072b8fba29d225c98d
45965c6a42a270833815a8022833cdcaedb4cead913da88adde839a7e11c6f6e
45b96e594b1e19133c1035d8ddf90ff8f80180af6ebda0a431429a9577e35b6c
45fa735c6df15f15a1293a9cb3125033408874bf284280e8bcac23f95ad8feac
460cbcd29fb15c6c3e3819b5e810c1c5237714eb894fe1f02fe47e74dd55ebbf
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b72b85b9d16b8c10a1f33b857ba56470a568cf4c0b619fe8479c65ac221b656
4ba5939372549192a9866bf2c9d828e9c7f16487c080a5339b2355601fd292c2
4c1ba0dc0606aa61177afae63066bba5982ebf2b974ebe2845fc888b165528f6
4c5caea5d9636db280e7b487edd7ea9ed9d6abd93f4d3506061a6739f09829f3
4dd4f0166bc79b7989521444108f3d3b56a3579280e59c7bf1e54c6595d0116d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5be5b6e3ff509bba2f9ee8a7dd4ebfd8016d1a0b2f085d980df240b10d25bc
4fe9c117451b901537b7ec34e045d3ec927481aae3e3718e602a8e1876c4ce2e
50ebd8c3838683f43eab2f12412d903836ae51b0e811df9e3b7e9161bf00884f
51a6dbd109b65b4ee7b503b468e13d62f0ef182b8b61fb93a22a70dcce6d8d9a
529d5a06e1e90ceadfad7e6c2eaed6e9b868a35798345d5431c90f6024f15b55
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5616a6e1823b43919f7d1a33817cccfa1d9f30c9f10f2deb00d9c3671f91d5f0
56f90a84ab6429264698fd0480ef391cb63c524b8326fc61cb42e773d4e81e99
5816fe8a64fc007053e148393dfdb2895f973e362549b6af963b67cb81a7d9b2
5826dfd6cfa395afeef006c72378d160e3125e04da8e6c7df65e414ce2d16d80
59dfc4f44c65ffc10d2caef968407d533dee7adaf9efdde7fd8c8d9e3184f280
5ad50935678c2437bd84bd2458474b72509fa3a6b127a75fec10492929d80ef5
5ae2b18203325ac2876b69455e08e3eefa59a4dca46ee55b033f1fbd80b28b5b
5b545867fa76275afab94da71ec2e4059d9694e77e7e3f3a879d16e677f0ec2d
5d42509eba449991fcd875258d4de5caaf6260c3d790df4d29848f73b9352a80
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
60bf02832688d14251ec1c7b8acfda233a91f927f26c7202bdaba781a1f0fcdf
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61594bb60aade5b604c5795ca33697b4eaaa340bbbb58cba010f58649cb88a74
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63177790a825e26ecb26cc0544a1a7df7dc9a60d808c010dbe642132e6565115
639971c135079e20535fc0216305f587e163a58c52d447f7fbf52a9762b8cad7
63dbce096b38566dd7876d3a69f60ba5a1a4faa5d8d8983586df568e25e45e82
65cb5cd5882c666a22bf188d80f04fe01f56fbb3428e29d74aa24e3d9b1c783b
667134035ddf39a2515c0d2e380d73c3367de517f6355287a95c052813128ce9
6724f4c12dbb399c6b6b301b580559a256a89a10e8b828d4498118086c2e84b4
67b6584af0fff14908d8f05c0eb9d59cb809da113feffd197f3ddb38a779ea45
68608a0cb68dee07f5e9c8c5d868c3211cf64df93c101ce9b3b95644c332c014
69ebb599e2790acb51d8543b031d29a2d556ad54e5e81d87b596c92a28a3a3d2
6ab46989e3de7cf0cf0b8058cef074214939c3bc671d0ac1dcd5d345f2513802
6b6d189571412e764d6e55d658851c1a342e064b73867afdce05834347adb84b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c25f17d25f76448906480fb83546ad8d0f7bdcb900a172c1d3f7488f34db723
6c3718a6ae4f2eb59d54458122825583392158ad8664f85806610271ad31f392
6c655f9a691901e3ca5842f59833b6d82e26ff4ccbd0388d45b4350e80f43299
6d3e8aa04471ca235093290325bcf511af7c9ced7cccfc2ee6d6ed2a2198fe0c
6d4e557fae260566d3a44d3b94eb31158760bf12fb0b8b3d0359b78a3110fb52
6e1278b38e7c2121be73587285a735bd9bfaf83c5a8469047adc256146eda3af
6e7d31724466b220d9afd30fb0c1a26140f50c6d38cf4ff4e74922e133fb3033
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
707d47e8f794caef2636919f7e4a1ee998ee9280fa0798af057c605a5894d569
70d6a8d60f982e74efc951e59383c99f70a5082e32e5623b429f1930bb2162c6
7100633cff808ec01559c4579130f2d6cef8d43e7f02c56d727ed33787d30fb9
7196cfb7b7f5b80055efcd7371116a9a88275d41a207e3baff58938e547c19f5
72e3399a052fd2d20167a1730e44f50b8141b04e12dd2f57958391fd56a53bd6
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
759b4058b064804b687449891522206ffbc948bfe1c02aeb9d213b497215eb62
76567080aa1deab06195ce67c4f5d97e52d52a0abc0a35c13ff8dca31e78194c
7698eaffca090badc78a9d86bc39a899cd415a5d8195d926a40bf2d9410a7cd0
76bc229324cf0fa4496cbe6e7c7c9e8dabe5f20d26a614c3d7c51ec2d3b031c1
76f7aab784e206ad216b632a8ac2bb36e52083e014c1c6e7f43c52912b0c6371
770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b
776ec9f2104f7e31fa8f565bcebbbaa105a76627fc78c82ad3fb48fb6b083f78
7813f21ffc8ab5a9c4808a33cae9e6234b4ab3b14245a8900bdd62879642077c
78797b518e0df3bfe55a1edfca1a70d0009ab6d210aa1f46097bccf11343c84b
78e99d887a74e2a58d9264a0a15b2953f5ecb5b70838cbaab5a3869a76f8c706
7943b56a29ff01466192c0f17999654f80b24ca851291fb42e84c2944d239620
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
79ef0c460dc97dc5af333616f19018a5b80112ea56c74f0468df4b582db7c84b
7acea864afd4d1426c342c1846d6f83cf118620398f8ab66deccd1370ade89a2
7b0398309751310521c4cf914e5229bcb3ab7c446a4dbea0c4605690db08cc21
7bd683d122dc300c50ba7b4da659d109e503a143dc3aab46996f91bfa854057a
7cfe458faed6fe5c3094bd51f1f10174604be983739ade9d828b0aad190043e5
7efd359cd7418393a4a48a1bdc760a0ca0562da42bbe89b8cb48cab89225a471
7f2b965a8729713a9478d3e2e6e28b968212fb21d3779ce83f33d5d7f49f111c
7f2e2b28e12f8253a1c62b4d37411656baea0c241a0d8e3f38ce0669ea8d189a
7fa487766c823e05b2299f9bd00ff6537696ba5a023802bf81105565b30f5fa0
80d5376e68f3824be9e97919bdc5ded99f0103ca92bc92717b46bb4f394d3402
80e691513d819191e33c0c51892c4ac816b21178dc89b5fcc06bc0cb60e932aa
81065c480dbb5cc9b6093be1f389ae432b8bbb697a19d63f1fee697f075c29bf
81519deacce30ac3640700d27b2125240a8e7c5418d7798c83aba2067f620463
81f5a03e1b49cbe1692501481bd08328870b21f448be669a04666ae2a6c96855
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
8498a175d0101f4a0d9d5ac8956bfe56c9b3c78d417e786bef66301a5a5483cd
85cae9fd2c56d6351de8626f9b2d3d981b459cfe1e8ee871f565054e75ab25c3
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
878987235418913eb43665f131a51dcc79f3aa5d517a5e04f5266d4945ff1c53
887f1d860f0610fc4a0bef91beb2a76bbaadcd627fd351b3f4ca7001387bb5d1
888fee914ccdd03fcf212b38e80d9da7fc579582e50f886462b139ee0ee9130c
88c4ce8d34a9daa60952a5e3c77f6a430e87ef15ad67d03105131dcdeb04131d
8a27bb03bfbdf5aae1de24c645b7b017dbfa3fae6342ccfd917ed2b70082f834
8af08f6dcc3d4135a5034fe5f4b86ef4cf6e9059cfdef055fd8607a465f66dd0
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d0f966c89690b39d75f524c019c812567ba617d0bf768c7bb93ab5b922f9f57
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d77e38aa42ff96c2dcca03eff38acec1bcadf1ecfc7b292949724dbec3a1000
8d82dc347c62d06507e015d8a2f3ec90c55dae7e1fdab2eea68f71134ab0325e
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8eba417583e78e816deeb933f8f6d0b629894d4eaba5d4bb2d9af31214eb9329
8f24bfec3e4bb65273c40c30a79a9f414b56f5e099a9b6909cfe3c55665defba
8f3d67a9de0c334f5aee65fa1960186fc578f9d966f6fc42533dfdd5691f7995
901180f4ea950ef9bf97539a95148ead95eec398f0fb583f8c87fdea2774e418
9045f67eeee39ad9304a630eccb3e2b16be03e3d8320177eac461bb64380ec64
926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d
929d3f5e374458d40ae12ecea7dbc4882283bede5dfedb11fbad8bb4c6bad81f
9381ca876f8ebf3fa6b1617c7d6881abe165d0ebd121fcc975dc19a0f2c7e6f4
94e4cb19c22e935d07b372642b91d6ef04fa8a8c61aed1bc5b17a5e79cdb6a54
95cfe6f87f9fe4f607d78f3173b85fe284b8ee851733c802af55d8ba94c0a928
96653b9b6b919a16dcfce983c42fa78193d2b2e5cec34cceb23a02572c994485
9750f710e33b68e3d4551759753b699afe70c81f26c8fe5082ea16b3b1dd18ee
9793fc03a50f4e6cdd1d91743c7c18f33bf8ac521cb84f7e3d0fe24672ad72e3
9835caf857ce89641ff388de4d9deb25ef12912ae950b5c3d7f35ef709b7bf54
99e0ec5d38a9c776baabb7575c2a06f05fc9b5ab412736c911c6c1ee827302b4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9d190ac2c8bf5b15df41215dd916719eb9a4b514c1756a2e8aa8992efad0826f
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09fb04841151074c73e8daf6edb12da7ffd8b5e7812492a6d9f3ae977fe3d31
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1fc449201f61ca3ea21d70a29c7539f8bcb19be28423a4e1258e7e1e994b042
a202b2b8321c7bd6d4c81d68c23aa4338a67477cb235891bf23f91f34426ffde
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ac9cee6af8cadccf153b8dd7831d4f9234ad995a87fcb42872a14d3ae826727c
ad9cfb9dfc4bbe75509f6268415c710c44474dc703b8705eacada2ac8acb2725
aebdc69c8dd4d0029a43ed0c154d94bcd32324f53074b7d5be8f9d9e2d48e022
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
afc207386e69748f65e917a95513ca8ef20068a3dc11c87b393733030d80f3d3
b003afa15165c632feeec754e2df29e83ed92ccae2fc38187f170ed1bc388ec0
b0c77eae66f9d32939545d1d27171713f53f7a258bec8b5466865213ead5fb7f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b2769f94fe61c51cc2f01cce13616858cf4e0aed581c27b9f670cee234759302
b29bdb7db83315a34e9893cdd74afad8064611b89dade9adcc78b42fcafbf159
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5e4b25bca8c9a9d312d0bd15bf1d0761f3a2e7d2483865111b105382d4865e5
b5fab74c157e8c87b1ec3c65b541cd919a7702624611dfc98063c1fa7efc12ab
b791d9b523b9be4615eed3ada77b540ecb01bcdbec149b19d7b3a323300662e5
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b8986469f0558c8618ff937c0bfde6ee507e5a4d80a5a3c6a06fecc96bb06bbe
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bc04d57853b53642281fdd8cf4d4fd1305b48ae6a378c8fcbd61aec4a25cc575
bd34efbf72db37cd099482fee02c11e6fb6b484c0edd61fd1927caab45c12324
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bf7be0ed48f159ccd7cf9d116a316e8e990741d6902a53c33ebc511cb5314263
c0c1eced8657208f92c1d2f51f21806313adf0cc5953e5d4bd740087fe968065
c0d59afc312f7f1d1346cc4dfdb1463c05b2d334cfa64e7b9240456a48bfcc11
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436
c27c261a9d58126b1bb06aad02423733cc036f17ce63ccb0582967d806f43aff
c2d94f02e891bad9d1cad8f4df600469470386af7c8ad7a4742d15d45f582845
c33fa27b9c334a397d02386be6f4ac322a58b24ab72c8dcec7df466526d7b72f
c6c75f4976ca76a63fd60b187185539f9ce0f26e16b3d3831f210f7de6ae6166
c6dfed41b5a97b169e9f894e4a15831d16f2236e17aaa872077977d904442357
c6f14410f46ae33b84e0707dcf7bb436b153e7ee83485b583592052a48e983b6
c897d4713cc240286b98544e6fc41dd041d6d4ea6f5855725c1229b78de8253a
c8c4b33eaf2ca2eee4aee6d59ab0206cfbc2b4640707965c7daa538e0043543d
c90fa7f2b86e88bc876a28a908c00565250cfbdce151c8f3e5800bf98fa394c0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca296812f114107fa083d5231d83f2f12264be3f0fddf1e270b41f849fbfa8be
ca2bae1171d5b3e93834e4e14c247d2a24d96dec43b959dbff461c966acc49ec
ca5059587704b07628a21a6d72f5e6569b3dfdd5b3f17ed4093e6eb58edf953a
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce942734deae5c6e995d3f878159791f504191ff1ab362c50938bf078d0a460c
cff874c926c5c84caa14b6abcb50dc057b766bc858d0cdf98c72dddea7670000
d043c67cb65c62dee2303044df0f621a0c6bd843fa97477d25db5f3ca59eef86
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d11fb28567655d1d01fdcd2888002b1d72439e7a9b25a827550582801ba44852
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d13d86bb57a7f0886d8de68ce1e2e2e1109f8eee768438c857fef5a080f61ae4
d1f448f37cff9977a46f8e8986a806726b01f931c1164be424e1263999fd543c
d34083a65ff0e36a3d645ece2161f69414caf9f8aed2d21e288e7607c5ddd6dc
d45094f872342000f99c47850cdf77a2a25c81da19fd02157f81ec5ba0a6d704
d47a786c6b9e0f114e0ff0c92a8ff81d27d822447e41279494336c84560ea675
d49ac5e06c7c66881f5a3c1bba86782bbde16706d8219492719c70938fcbe444
d56f50130039a9148a433fef8b688032afbfda0e6cf590594546913434e068e3
d8928a20b6d9520af9bfb5e9748259fc3c1ed52ee4e430920d7e70897af5c065
d8e7f9185221ec3fb4bf399ad7d819c338a1d6af989e11e2984c494389c527aa
d929a0d22c927917c4e6dfb26374c496c48502cb148ee958bbf627bb8d3d529a
db384cfb2689df88523dd7e5c0498fca94d5bc395cf920536b3b1f5f01e87217
db5b28c1d1296a4c8c8d0828b48f9d9a5a0b4bf74db2a567ebb52f907dde984a
db5d999e356d97a5cf821870429655191d582cb778c71312215215751b922eb1
dcd03d839f8362d4b7f37510aa3de0dd701a74d38c7a45ed74af3759fd201266
dd3526ddba0514315d1dfabd7413c70fa2295b04c7c2b7764c7117803af3ea58
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e09622d5cdb5beca30aac356226c657df7421f221b4467484c1c2fbfd9c024be
e18c1fbec46eddabdf9044c632d2db5823df5485a539ca4bfecff2599efa3e75
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
e26a5d6b746a43668fa2ce246e51df82c5f6e8cb73a8bdf12f902260ce6d80fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e421b44d2ede60ccda5347bab6dbf3470f8c1aab75a5c4f83280c0765672504b
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e9391ee65f6343d19726ddc38563462d51b4694f1b5c961fce6035cfd861e77c
e9d2c6e74baed7956dac8e2827ff7319ba7c0b17da89bbd1fc5d4e49ac2853ec
ea39dba2b498dfe4e18255e241acf246f9229c8deb54e5b2530cadb51a25bd58
ec00992b822d8451b2ff5a68c2cfd69e9a4b3773e4386285bad10237b8c81ba9
ec335cbc056796d69797fd1ef82fc0abd9159579add0bf72e3f54fc0acba786b
ed051e79f68066d1678e3885ca592b3a3d6ff522a51a3240e8e993adb1bb1196
edfba941a872463aca82203db9987aa2e489d1ee92657cf78f1da36b2446f723
eed8766a2c2e43a06492830a44109c7811bae990c6c3be4c253103b450d9a5ea
ef05b8ebc1004c4e14dc8e6a0c39e123f944e987c702ba484d1d8dd89a1f56c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02a6eaae7dedd59a53440a87814f677d015928a5b80a0eefd34f2fdbb3ff706
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f4c2f9ab5ecec8066bad4a82d2bb5193dbb23838c7cf890c487b4a3950897e7e
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f69dc71f554832e3cf71573aba862065712d6178f77fd0ff67a5e88b4d3b305f
f74b21fb7601b050295755d66840e040a40bc458318c504be282a82da25af019
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f9068c7c9d4583f8a54bad7467f8fab1f4fa23610926abc0a28e3fb62c891238
f90ca2891057b011402be844b1a331c7da1ee1c44fd4db6855822f8046b7db97
fa7dcde5811304df45bb4c6d7dbadc051064e93db766eaa87a7676b05b8579aa
fa8b2e11d22e3459a3e32d5786d3ec090ed74cc87241f684a0c05333cf352aac
fb12708d973e6b9354f367a6780e5a166b0da7d2721d856da7f9d57130883eaa
fb7cd99e7f4f1091a8c15cd186ab499198ce8af95dc17248287e18a697be01c4
fc219c9605747cfca9d55768ad5d97f6f5b76517166dc85bb2cedbfc22b2aa89
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2