www.xn--12c4cbf7aots1ayx.com Open in urlscan Pro Puny
www.ประกาศผลสอบ.com IDN
119.59.116.158 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.xn--12c4cbf7aots1ayx.com/
Effective URL:
https://www.xn--12c4cbf7aots1ayx.com/
Submission: On December 25 via api (December 25th 2023, 10:43:18 pm UTC) from US — Scanned from DE

Summary HTTP 199 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 21 domains to perform 199 HTTP transactions. The main IP is 119.59.116.158, located in Thailand and belongs to METRABYTE-TH 453 Ladplacout Jorakhaebua, TH. The main domain is www.xn--12c4cbf7aots1ayx.com. The Cisco Umbrella rank of the primary domain is 785234.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 24th 2023. Valid for: a year.

This is the only time www.xn--12c4cbf7aots1ayx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	119.59.116.158 119.59.116.158	56067 (METRABYTE...) (METRABYTE-TH 453 Ladplacout Jorakhaebua)
31	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 13	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
9	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
30	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:81c::2006	15169 (GOOGLE) (GOOGLE)
6	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
6 12	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3 7	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
2	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1 2	52.209.40.41 52.209.40.41	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:6fd2:d99:7ec0:a92b	16509 (AMAZON-02) (AMAZON-02)
1	18.197.41.124 18.197.41.124	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2600:9000:243... 2600:9000:243d:ba00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f18:1ac... 2600:1f18:1aca:4281:c66c:cb3:5c51:6f9b	14618 (AMAZON-AES) (AMAZON-AES)
199	26

28 119.59.116.158 (Thailand) 1 redirects

ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH)

www.xn--12c4cbf7aots1ayx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.185.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.89.211.12 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.40.41 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-40-41.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:6fd2:d99:7ec0:a92b (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.41.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-41-124.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.84 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:243d:ba00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:1aca:4281:c66c:cb3:5c51:6f9b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
61	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	722 KB
37	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	564 KB
29	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	242 KB
28	xn--12c4cbf7aots1ayx.com 1 redirects www.xn--12c4cbf7aots1ayx.com — Cisco Umbrella Rank: 785234	212 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	102 KB
9	gstatic.com www.gstatic.com Failed fonts.gstatic.com	157 KB
9	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 445	167 KB
8	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	6 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	4 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	322 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 802 s.tribalfusion.com — Cisco Umbrella Rank: 2218	1 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	712 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1618	173 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 4999	614 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	15 KB
199	21

	Domain	Requested by
37	s0.2mdn.net	www.xn--12c4cbf7aots1ayx.com s0.2mdn.net googleads.g.doubleclick.net
31	pagead2.googlesyndication.com	www.xn--12c4cbf7aots1ayx.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
30	tpc.googlesyndication.com	googleads.g.doubleclick.net www.xn--12c4cbf7aots1ayx.com tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
28	www.xn--12c4cbf7aots1ayx.com	1 redirects www.xn--12c4cbf7aots1ayx.com
13	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com www.xn--12c4cbf7aots1ayx.com googleads.g.doubleclick.net
12	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
8	ib.adnxs.com	6 redirects googleads.g.doubleclick.net
8	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
6	www.googleadservices.com	www.xn--12c4cbf7aots1ayx.com
5	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net www.xn--12c4cbf7aots1ayx.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	www.xn--12c4cbf7aots1ayx.com
2	c1.adform.net	2 redirects
2	fw.adsafeprotected.com	1 redirects www.xn--12c4cbf7aots1ayx.com
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	ad.doubleclick.net	www.xn--12c4cbf7aots1ayx.com
2	www.gstatic.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	ipac.ctnsnet.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	scontent.xx.fbcdn.net	www.facebook.com
1	www.facebook.com	www.xn--12c4cbf7aots1ayx.com
199	30

This site contains links to these domains. Also see Links.

Domain
web.facebook.com

Subject Issuer	Validity	Valid
xn--12c4cbf7aots1ayx.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-24` - `2024-03-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-04` - `2024-01-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://www.xn--12c4cbf7aots1ayx.com/
Frame ID: 3218BD53BDF681D212B06D920E822FAF
Requests: 33 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2581%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25AD%25E0%25B8%259Acom%2F404237596310906&width=255&height=258&colorscheme=light&show_faces=true&border_color&stream=false&header=false
Frame ID: 6F6BBB3C56A051D14587959776C47313
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: B068FA1A42E5D6817025619579A20820
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&adk=1812271804&adf=3025194257&lmt=1703544192&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544192274&bpp=3&bdt=1750&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8297435567579&frm=20&pv=2&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=210
Frame ID: 209020BFBA99BC144C819C759C24A49D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=280&slotname=1690737932&adk=3129314618&adf=980083703&pi=t.ma~as.1690737932&w=729&fwrn=4&fwrnh=100&lmt=1703544192&rafmt=1&format=729x280&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544192277&bpp=1&bdt=1753&idt=215&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=273&ady=1023&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=220
Frame ID: 17C159C77034CCB00CDD7614FD6A0C5C
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Frame ID: 57A78A2B5A53D089A90A69E25977D7FA
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 944A988B22A76B27CF47FF6AA4B96506
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 35F58B7D359759B57EB1CD85943D4F68
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: FC79792D9D88E348D06757EED741AB83
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEJ_18b0CGNz3hLQBMAE&v=APEucNWd81Pbv3hQIlbcPEEFjYR56Hv3a8hKCp234b0DOP-SI2Tbdf5SKCAWhb6-Mvd5u6XHpDNuEzy2W5JnAahu0HfC6aZmbHNAGIVjU9d6HwlQYoJSW_TvJZhU2ojb4iFQLzjyaRJAuL_vy3NABQHiCec7FmF9MgYAa77XyS4dUM-_uOsT3hk
Frame ID: 0AA4897A5B3EE8A5C3AE23991560E5D2
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Frame ID: C4A803F1BC7A2B8316BD57106FD821AE
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: 2ABC40B4543499DA9EA972446592E6D8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7185797BD1770C0DF50DFBF3173A4B1B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: BA4F4DD689AA0E91906C00EB7365E512
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
Frame ID: C30A7CBE8CC87D3C890FCE196DF108F7
Requests: 30 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js
Frame ID: DEDE40E63D880F124D1428607BCB0B5D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY04r9xAEwAQ&v=APEucNVh8v9kupihMGW0vqjnGMaV-bQKkNvVIA4KTK3iEwm9FELE4j_G9GOFEn0sgHRbmT-DpYkpET-FNfA4Ik7jksmmJ_G5wp8ZDAywBA9TbepOu9drpPSh3bnuvksKTrW82GAZdyXHac8hNyTpA4jCNdUgSyGVgvOW20kfaJeBmR_wLWuoGvs
Frame ID: DC9415208CF71FFA246ED8123BE4FBC2
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 1892749ACAFC18F60A89CC63FC279FCB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7A8D692521FA5EFB32F0D19BBBA04030
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1EEE96F812ACC054F96199ECD39D164E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15541521504290386506/index.html?ev=01_250
Frame ID: 138FEF0A25ABA3D95009484A834DAC06
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 77A760E468F7E4263A1FF7FBB74331CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A83FE790A560F028992738C8E9EBF577
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C977DDFF419D9D93C9B7A5234CF4826
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

งานราชการ ประกาศผลสอบ สถานที่สอบ รายชื่อผู้มีสิทธิ์สอบ 2566 งานรัฐวิสาหกิจ

Page URL History Show full URLs

http://www.xn--12c4cbf7aots1ayx.com/ HTTP 301
https://www.xn--12c4cbf7aots1ayx.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

199
Requests

91 %
HTTPS

54 %
IPv6

21
Domains

30
Subdomains

26
IPs

6
Countries

2510 kB
Transfer

6179 kB
Size

18
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://web.facebook.com/%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%81%E0%B8%B2%E0%B8%A8%E0%B8%9C%E0%B8%A5%E0%B8%AA%E0%B8%AD%E0%B8%9Acom-%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B8%A3%E0%B8%B2%E0%B8%8A%E0%B8%81%E0%B8%B2%E0%B8%A3-%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B8%A3%E0%B8%B1%E0%B8%90%E0%B8%A7%E0%B8%B4%E0%B8%AA%E0%B8%B2%E0%B8%AB%E0%B8%81%E0%B8%B4%E0%B8%88-404237596310906/
Title: ติดต่อเรา/ฝากข่าวรับสมัครงาน

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.xn--12c4cbf7aots1ayx.com/ HTTP 301
https://www.xn--12c4cbf7aots1ayx.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://googleads.g.doubleclick.net/pagead/adview?ai=CtFX-gAWKZaXmH7aG7_UP572IyAeFj8z-dOrFhK-LEpSWseLePxABIIyHpiBglaKkgrAHoAHp_fXPA8gBCagDAcgDywSqBOIBT9Dpcd02-tIYDikH0-wdIKhDOUGCTJbTaeAxaBLEXTva1lT9KA6XSQsLd156KHKnw54t_g3JEFfhOjxnFXGw6G9C-EPc8R6ufv68qt1bv_ioyzJWUUnNndodJzbXGEoHMwjxpdxbZf_Q4d5Hmu-asejFLPOa7s1SrrnvC28mD-2ti7WjpKPekLBlCg96wKfd-6QahrUvmUV5IrJbUrdY-qx7xJtL27YVe4F3gPqu97-Kd4ronjnIRdEZeglE4pXyxUSQY_0CkmIXDGAD3mtO5uhDfZJ86-lFVkcytOp9vmKJ6sAEuL66t9MEiAXLpou2TJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfYn9qsAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEOGCC9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYrYXR09SrgwOaCThodHRwczovL2Jlc3RzZWFyY2hlcy5uZXQvaW5kZXgucGhwP3JnaWQ9ODEwNDI4JnN1Yj1nY2xpZIAKAcgLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLYEwzQFQGAFwGyFxwKGggAEhRwdWItMDg0MDcyOTc3MzI0OTU1MhgA&sigh=k9SZ-fZc3jw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_7cINAWWA5iZiKpI-cd4_UIdjOKx-IdyvrAhQHAD4FcAZLNm70jU0p1Jue858NJLYgac4LUkyUvi7BbnwDwXf86Rdq6vVzmK0938YAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222075792502064623650%22,%22debug_reporting%22:true,%22destination%22:%22https://bestsearches.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%2222%22:[%22true%22],%224%22:[%2212-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214188346328504241505%22}&andc=true

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE99MUvnj2MSt1QDnabgmF8&google_cver=1

Request Chain 88

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYoFgQOBk0QRtABo4tvm7QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJo2IH76Wx3AIaY2FjKkD9I&google_cver=1

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELYN2C3XGeFucTCGVD8Cw6E&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELYN2C3XGeFucTCGVD8Cw6E%26google_cver%3D1

Request Chain 90

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0OTIxODI5NTU4NzU0NzMyNQ%3D%3D

Request Chain 105

https://googleads.g.doubleclick.net/pagead/adview?ai=CisLPgAWKZeOkH6LY9u8PiMyykAzUu6jQdLTpo9jMEtnZHhABIIyHpiBglaKkgrAHoAGvyvjFA8gBCakCEWOGTlF4sj6oAwHIA8sEqgTkAU_Qag2b4cd3BvkppCL47SA1wbhIwKcpq97JHnUcQg4lHDgvQmDsoE8g7MY77Y9mzhmEsv3DAP2F8z86p32X-JN66clyUGWiiVV1PjoMsCzy5XjSBosfJzTUA9sfqbr8IBWMaSxG4AP8lRfx14iHu1cJ0K1eSxzorxqPJpl1Mz24pMO82JTAHK8SfhkwMFmqUtOw1xwsK2zua6xe0xe5boEEU4omIgxShA00VrrlDRvEkVWMDZkYHzj_E1Tc1eAzZwseILL6hoJNH5cRz1kodKAPFHkVUHD-KBngjOKifG824mwkWcAE-pXEgsQEiAWyuPLGTZIFBAgEGAGSBQQIBRgEoAYugAfJ3YcTqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ_fcJ0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliLwdDT1KuDA5oJ-wFodHRwczovL3d3dy5tZXkuY29tL2RlL2RhbWVuLz9ldGNjX21lZD1TRUEmZXRjY19wYXI9R29vZ2xlJmV0X2NtcF9zZWcxPTIwODE4MjA1NzQ2JmV0Y2NfY21wPW1leV9BV1JfREVfR0ROX0t1bmRlbnNlZ21lbnQ3JmV0Y2NfZ3JwPTE1NTY5Nzg3NTcwNiZldGNjX2JreT0mZXRjY19tdHk9JmV0Y2NfcGxjPXd3dy54bi0tMTJjNGNiZjdhb3RzMWF5eC5jb20mZXRjY19jdHY9NjgyNzYwOTEzMjk5JmV0Y2NfYmRlPWMmZXRjY192YXI9e2djbGlkfYAKAcgLAaIMECoOCgzktLEC7rWxArW4sQK4E-QD2BMNiBQB0BUBgBcBshccChoIABIUcHViLTA4NDA3Mjk3NzMyNDk1NTIYAA&sigh=Rb_ZLWBcIos&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_FdBl0rmlo2FM5LOrCmgJH4oR8RFHc56_l7wVC9N0mQmadFHGDC_9cC9bFQxJkEUuAr5BfFl0LJ6U7ivYTEi3rj3t2gCyyhhsCQcYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223498390857869573359%22,%22debug_reporting%22:true,%22destination%22:%22https://mey.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951985455%22],%2222%22:[%22true%22],%224%22:[%2212-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218389877005472444065%22}&andc=true

Request Chain 108

https://googleads.g.doubleclick.net/pagead/adview?ai=Cet0KgAWKZeWkH6LY9u8PiMyykAzUu6jQdLTpo9jMEtnZHhABIIyHpiBglaKkgrAHoAGvyvjFA8gBCakCEWOGTlF4sj6oAwHIA8sEqgTlAU_QneqQPx9nf5sYFBC4WJWXk6ax1lcsLcIqTMdZNN10ZkEQC_YVjFI5jLGQGhMQrj-iDLUxa6EmU00Ke_SAwW_fzBD7n9ueXrcoE-GRvjlWIMsrQrvEZRvWEma-GLk1Z5vw75Dow-a6UWsqyxuIj-jqSihGp2_MNDT-wUmXbZ7mrk55ZSslo7qIJI8dgrGk8qtseHv8UFlJFYalTTS-dfi9SzaYvGt6EV7oWWmlG9GQmggYIFfESn__PArVIC5dQRmspsxAhDcyT8mUXVfcVAIXQzFlH6fEq-1V7gLUAgphxhqVZxXABPqVxILEBIgFsrjyxk2SBQQIBBgBkgUECAUYBKAGLoAHyd2HE6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEIGhCdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYi8HQ09SrgwOaCfsBaHR0cHM6Ly93d3cubWV5LmNvbS9kZS9kYW1lbi8_ZXRjY19tZWQ9U0VBJmV0Y2NfcGFyPUdvb2dsZSZldF9jbXBfc2VnMT0yMDgxODIwNTc0NiZldGNjX2NtcD1tZXlfQVdSX0RFX0dETl9LdW5kZW5zZWdtZW50NyZldGNjX2dycD0xNTU2OTc4NzU3MDYmZXRjY19ia3k9JmV0Y2NfbXR5PSZldGNjX3BsYz13d3cueG4tLTEyYzRjYmY3YW90czFheXguY29tJmV0Y2NfY3R2PTY4Mjc2MDkxMzI5OSZldGNjX2JkZT1jJmV0Y2NfdmFyPXtnY2xpZH2ACgHICwGiDBAqDgoM5LSxAu61sQK1uLECuBPkA9gTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi0wODQwNzI5NzczMjQ5NTUyGAA&sigh=eITA0JLHowY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_FdBl0rmlo2FM5LOrCmgJH4oR8RFHc56_l7wVC9N0mQmadFHGDC_9cC9bFQxJkEUuAr5BfFl0LJ6U7ivYTEi3rj3t2gCyyhhsCQcYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222163236545330934312%22,%22debug_reporting%22:true,%22destination%22:%22https://mey.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951985455%22],%2222%22:[%22true%22],%224%22:[%2212-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225905639369068306065%22}&andc=true

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTXXoCnl0r0a9m03ZrhNTU&google_cver=1

Request Chain 144

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYoFgQOBk0QRtABo4tvm7QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTXXoCnl0r0a9m03ZrhNTU&google_cver=1

Request Chain 145

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDK5H5jBOKpvllawqJXBjCk&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDK5H5jBOKpvllawqJXBjCk%26google_cver%3D1

Request Chain 146

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2MDg0MTU0MjMwNDY0NTE1Mw%3D%3D

Request Chain 158

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBSgi_sHZK9v95wtslJj5DY&google_cver=1&google_push=AXcoOmSjCKIF676bq5EcYsJBa3pug5ztI3vUEbx6Kgwl4oOMe13dF-FY-Zft280GXkXYEyG9MaujzPcbK6W8K_7jDXEujhQ2bN2aom4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSjCKIF676bq5EcYsJBa3pug5ztI3vUEbx6Kgwl4oOMe13dF-FY-Zft280GXkXYEyG9MaujzPcbK6W8K_7jDXEujhQ2bN2aom4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBSgi_sHZK9v95wtslJj5DY&google_cver=1&google_push=AXcoOmSjCKIF676bq5EcYsJBa3pug5ztI3vUEbx6Kgwl4oOMe13dF-FY-Zft280GXkXYEyG9MaujzPcbK6W8K_7jDXEujhQ2bN2aom4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSjCKIF676bq5EcYsJBa3pug5ztI3vUEbx6Kgwl4oOMe13dF-FY-Zft280GXkXYEyG9MaujzPcbK6W8K_7jDXEujhQ2bN2aom4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 160

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESENQHO1gnkdGs9TAR4lcohpk&google_cver=1&google_push=AXcoOmSfZZujaLaIixghkHn_tFzBU0GLeGfFlJvMOxDY4f523xucvtltn2jx3cIups1NtvJ_3qAXafMxjGFTydiXHQVS8xf-pSYFWStw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSfZZujaLaIixghkHn_tFzBU0GLeGfFlJvMOxDY4f523xucvtltn2jx3cIups1NtvJ_3qAXafMxjGFTydiXHQVS8xf-pSYFWStw&google_hm=6C6WPShyQmyl55VFNO6W4oM

Request Chain 162

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPl9he1c4MIG2cw9XH-dTnA&google_cver=1&google_push=AXcoOmSt1AutO9jq6Kt_l63BIxDTBts3WJM3OxjtdxVfKB68a1316Nq0zsRJjwx0QNw_P-5upWHdyQ2MbuWaiQ0ZiriqCs-fb3bgpIol HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSt1AutO9jq6Kt_l63BIxDTBts3WJM3OxjtdxVfKB68a1316Nq0zsRJjwx0QNw_P-5upWHdyQ2MbuWaiQ0ZiriqCs-fb3bgpIol&google_hm=eS0xWWxaTEV0RTJwRW9yakFoQ20xeFlIZk05cDZ5dW9kan5B

Request Chain 164

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECqlMxf-yoOiJLKiyJVVgSg&google_cver=1&google_push=AXcoOmSbTBGzTxXkRJgBy1V32WjGVoTjddzYAtPkf5JwDRWPZ4aFXtHKdxpvWgwbgO5KfO_DzPaidmXE0PEwW_xtFWY-8vn5oJMGNTeP HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECqlMxf-yoOiJLKiyJVVgSg&google_cver=1&google_push=AXcoOmSbTBGzTxXkRJgBy1V32WjGVoTjddzYAtPkf5JwDRWPZ4aFXtHKdxpvWgwbgO5KfO_DzPaidmXE0PEwW_xtFWY-8vn5oJMGNTeP HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA5Nzc4MzQ3ODk0MjczODg4&google_push=AXcoOmSbTBGzTxXkRJgBy1V32WjGVoTjddzYAtPkf5JwDRWPZ4aFXtHKdxpvWgwbgO5KfO_DzPaidmXE0PEwW_xtFWY-8vn5oJMGNTeP

Request Chain 188

https://fw.adsafeprotected.com/rfw/st/987057/61527014/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-0840729773249552&ias_chanId=1&ias_placementId=20343401411&bidurl=https://www.xn--12c4cbf7aots1ayx.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hzS39ImhvlKGl4G2i1OVwq&adContainerId=brand_safety_ggWKZYL9A-uz9u8P0ZSv8A4&cbFunctionName=goog_wrapCb_ggWKZYL9A-uz9u8P0ZSv8A4&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-0840729773249552%26output%3Dhtml%26h%3D600%26adk%3D2796972978%26adf%3D1113655316%26pi%3Dt.aa~a.1030450696~rp.4%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1703544193%26rafmt%3D1%26to%3Dqs%26pwprc%3D4018023627%26format%3D300x600%26url%3Dhttps%253A%252F%252Fwww.xn--12c4cbf7aots1ayx.com%252F%26ea%3D0%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703544193178%26bpp%3D1%26bdt%3D2654%26idt%3D0%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Dff57e29d47aff64a%253AT%253D1703544192%253ART%253D1703544192%253AS%253DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw%26gpic%3DUID%253D00000d2b21b13218%253AT%253D1703544192%253ART%253D1703544192%253AS%253DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng%26prev_fmts%3D0x0%252C729x280%26nras%3D2%26correlator%3D8297435567579%26frm%3D20%26pv%3D1%26ga_vid%3D135566721.1703544192%26ga_sid%3D1703544192%26ga_hid%3D1274857062%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1028%26ady%3D1694%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C42532599%252C44795922%252C95320884%26oid%3D2%26psts%3DAOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ%26pvsid%3D4038426443409515%26tmod%3D1150000754%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26dtd%3D2&adsafe_type=d&adsafe_jsinfo=,id:997c31bd-5568-7057-4c2f-73cf84ac7a38,c:xR4t73,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765c58974b-4dzwq,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tZuFPzL+11%7C12%7C13%7C141%7C15*.987057-61527014%7C151%7C152%7C153%7C154%7C161%7C1711%7C1712%7C17131%7C181,idMap:15*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:12,oid:fd1d2c97-a376-11ee-93aa-364d5a1b8bfc,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ggWKZYL9A-uz9u8P0ZSv8A4&cbFunctionName=goog_wrapCb_ggWKZYL9A-uz9u8P0ZSv8A4&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js

199 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.xn--12c4cbf7aots1ayx.com/
Redirect Chain

http://www.xn--12c4cbf7aots1ayx.com/
https://www.xn--12c4cbf7aots1ayx.com/

77 KB
7 KB

1627ms
399ms

Document
text/html

119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 9380a1a7283460146651eea364b6e80968da43b478f299dfdb2da42eaf91e9ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 6415
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Dec 2023 22:43:10 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache/2
Vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Content-Length: 245
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 25 Dec 2023 22:43:08 GMT
Keep-Alive: timeout=2, max=100
Location: https://www.xn--12c4cbf7aots1ayx.com/
Server: Apache/2

GET
H/1.1 200
OK prakad1.css
www.xn--12c4cbf7aots1ayx.com/responsive/ 5 KB
2 KB 322ms
320ms Stylesheet
text/css 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/prakad1.css
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 7f5fb9a89ea48833989b0880601fd972784b05cebfe2a3983b8ae09402258b12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Feb 2020 19:09:10 GMT
Server: Apache/2
ETag: "1518-59e011fe404ec-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 1516

GET
H/1.1 200
OK prakad2.css
www.xn--12c4cbf7aots1ayx.com/responsive/ 28 KB
4 KB 316ms
314ms Stylesheet
text/css 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/prakad2.css
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: cdd15c7795929a9f8ae2027e000d527cd843e3b170e2f8cdcf7870fd5ab5fb7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Feb 2020 19:09:10 GMT
Server: Apache/2
ETag: "71a9-59e011fe6f2e8-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 4009

GET
H/1.1 200
OK prakad3.css
www.xn--12c4cbf7aots1ayx.com/responsive/ 5 KB
2 KB 659ms
343ms Stylesheet
text/css 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/prakad3.css
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: dc35eff3391328df5cbe0fef3fbff29f391a1a6f24682edcc625e9e1f567821f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Feb 2020 19:09:11 GMT
Server: Apache/2
ETag: "1389-59e011fe92565-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 1208

GET
H/1.1 200
OK prakad4.css
www.xn--12c4cbf7aots1ayx.com/responsive/ 12 KB
2 KB 664ms
342ms Stylesheet
text/css 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/prakad4.css
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: a108cb45f83451bb7fc6092071393cf2210d41d142d38f09168055acb2395264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Feb 2020 19:09:11 GMT
Server: Apache/2
ETag: "2eaf-59e011feabf8b-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 2084

GET
H/1.1 200
OK responsivemobilemenu.css
www.xn--12c4cbf7aots1ayx.com/responsive/nav/ 3 KB
1 KB 944ms
283ms Stylesheet
text/css 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/nav/responsivemobilemenu.css
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: b8cabdb3b158fe0bb430e7ceaaf4104c0f44f45881ad407a0a4b31ff5cda38fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Feb 2020 19:09:14 GMT
Server: Apache/2
ETag: "ca6-59e012021f40e-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=98
Content-Length: 898

GET
H/1.1 200
OK jquery.min.js Show response
www.xn--12c4cbf7aots1ayx.com/responsive/ 94 KB
33 KB 958ms
293ms Script
application/javascript 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/jquery.min.js
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Feb 2020 19:09:10 GMT
Server: Apache/2
ETag: "1764d-59e011fdfbf32-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 33250

GET
H/1.1 200
OK responsivemobilemenu.js Show response
www.xn--12c4cbf7aots1ayx.com/responsive/nav/ 2 KB
1 KB 1258ms
313ms Script
application/javascript 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/nav/responsivemobilemenu.js
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: ecdff08d004f07b6313a937fc1c0e534b433144764a5b6a621a8130764405400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Feb 2020 19:09:15 GMT
Server: Apache/2
ETag: "983-59e012025ef91-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=97
Content-Length: 887

GET
H/1.1 200
OK html5.js Show response
www.xn--12c4cbf7aots1ayx.com/responsive/ 2 KB
2 KB 1542ms
283ms Script
application/javascript 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/html5.js
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 8fe9332d0b3e8f02207504e4165b9d33f0fe49223fa9ac690dfaa910344f7570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:11 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jun 2022 00:43:37 GMT
Server: Apache/2
ETag: "983-5e0e4fee2e040-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 1257

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 152ms
95ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28635e590018f1c9ac45810a174e67af44e0478f758ec74c632d9ac7f36433a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51281
x-xss-protection: 0
server: cafe
etag: 14093973599681297180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:43:12 GMT

GET
H/1.1 200
OK logo.png
www.xn--12c4cbf7aots1ayx.com/responsive/img/ 9 KB
10 KB 1154ms
418ms Image
image/png 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/img/logo.png
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 79ece3368eda382c30d76f12ef09050ea92ed3ac2c1eb18171e440d517e7b6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:12 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:14 GMT
Server: Apache/2
ETag: "2580-59e01201749a5"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=96
Content-Length: 9600

GET
H/1.1 200
OK 15052013korpor1.jpg
www.xn--12c4cbf7aots1ayx.com/s_prd_img/ 4 KB
4 KB 1309ms
430ms Image
image/jpeg 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/s_prd_img/15052013korpor1.jpg
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: c6de46a1a810eea0e138ca97ee542cc5e95e8152974885e729c82606a333be28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:12 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:23 GMT
Server: Apache/2
ETag: "103f-59e0120aa3a09"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=95
Content-Length: 4159

GET
H/1.1 200
OK 16102012%E0%B8%AA%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9C...
www.xn--12c4cbf7aots1ayx.com/s_prd_img/ 13 KB
13 KB 1440ms
323ms Image
image/jpeg 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/s_prd_img/16102012%E0%B8%AA%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%95%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B9%80%E0%B8%87%E0%B8%B4%E0%B8%99%E0%B9%81%E0%B8%9C%E0%B9%88%E0%B8%99%E0%B8%94%E0%B8%B4%E0%B8%99.jpg
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 817d487ca1a6b6b8350faa33d5abcffea72414e702b45b47648bdf87cd0bafd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:13 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:24 GMT
Server: Apache/2
ETag: "340e-59e0120bd50a6"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 13326

GET
H/1.1 200
OK 26092012%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%98%E0%B8%99%E0%B8%B2%E0%B8%A3%E0%B8%B1%E0%B8%81%E0%B8%A9%E0%B9%8C.jpg
www.xn--12c4cbf7aots1ayx.com/s_prd_img/ 11 KB
11 KB 1748ms
357ms Image
image/jpeg 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/s_prd_img/26092012%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%98%E0%B8%99%E0%B8%B2%E0%B8%A3%E0%B8%B1%E0%B8%81%E0%B8%A9%E0%B9%8C.jpg
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 23d5176b98455d1d7b5eee69e3964888e7e88f2539345885d4532637c87cee9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:13 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:28 GMT
Server: Apache/2
ETag: "2a05-59e0120f7ec3d"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=92
Content-Length: 10757

GET
H/1.1 200
OK %E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%9A%E0%B8%B1%E0%B8%87%E0%B8%84%E0%B8%B1%E0%B8%9A%E0%B8%84%E0%B8%94%E0%B8%B5.jpg
www.xn--12c4cbf7aots1ayx.com/s_prd_img/ 2 KB
2 KB 1773ms
353ms Image
image/jpeg 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/s_prd_img/%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%9A%E0%B8%B1%E0%B8%87%E0%B8%84%E0%B8%B1%E0%B8%9A%E0%B8%84%E0%B8%94%E0%B8%B5.jpg
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: baa16932743d82a2919d33ff0226b146c2a1905b0aee5e9721e045f4c7fa9a25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:13 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:32 GMT
Server: Apache/2
ETag: "856-59e0121375644"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 2134

GET
H/1.1 200
OK 24012013%E0%B8%AA%E0%B8%AD%E0%B8%9A%E0%B8%84%E0%B8%A3%E0%B8%B9.jpg
www.xn--12c4cbf7aots1ayx.com/s_prd_img/ 10 KB
10 KB 1916ms
288ms Image
image/jpeg 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/s_prd_img/24012013%E0%B8%AA%E0%B8%AD%E0%B8%9A%E0%B8%84%E0%B8%A3%E0%B8%B9.jpg
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 2eef6407816a478e570955ca766a089e471801d8ff516626a776d276ba3df5bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:13 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:27 GMT
Server: Apache/2
ETag: "28cb-59e0120e75254"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 10443

GET
H/1.1 200
OK 14092012%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%9B%E0%B8%A8%E0%B8%B8%E0%B8%AA%E0%B8%B1%E0%B8%95%E0%B8%A7%E0%B9%8C.jpg
www.xn--12c4cbf7aots1ayx.com/s_prd_img/ 17 KB
17 KB 865ms
453ms Image
image/jpeg 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/s_prd_img/14092012%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%9B%E0%B8%A8%E0%B8%B8%E0%B8%AA%E0%B8%B1%E0%B8%95%E0%B8%A7%E0%B9%8C.jpg
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: f08c80c68d49801ca85d0c10e1965d966920ea7ed4707f575b12ba7912247c64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:12 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:23 GMT
Server: Apache/2
ETag: "4297-59e0120a2e713"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=94
Content-Length: 17047

GET
H/1.1 200
OK 05092012%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%8A%E0%B8%A5%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%97%E0%B8%B2%E0%B8%99.jpg
www.xn--12c4cbf7aots1ayx.com/s_prd_img/ 17 KB
17 KB 1399ms
320ms Image
image/jpeg 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/s_prd_img/05092012%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%8A%E0%B8%A5%E0%B8%9B%E0%B8%A3%E0%B8%B0%E0%B8%97%E0%B8%B2%E0%B8%99.jpg
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 610b3d8cbdb9453b0803cd5eed57641182a5d08567ffa22ca84cbc5cdc1767cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:13 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:17 GMT
Server: Apache/2
ETag: "431f-59e0120525683"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 17183

GET
H/1.1 200
OK 15092012%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%82%E0%B8%99%E0%B8%AA%E0%B9%88%E0%B8%87%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B8%9A%E0%B8%81.jpg
www.xn--12c4cbf7aots1ayx.com/s_prd_img/ 15 KB
15 KB 1422ms
325ms Image
image/jpeg 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/s_prd_img/15092012%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%82%E0%B8%99%E0%B8%AA%E0%B9%88%E0%B8%87%E0%B8%97%E0%B8%B2%E0%B8%87%E0%B8%9A%E0%B8%81.jpg
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 5651532852631e522b47316277d2e45bfe0a3d8214e2533fe1f837324f2f2746

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:13 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:23 GMT
Server: Apache/2
ETag: "3b49-59e0120ade383"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 15177

GET
H/1.1 200
OK 21012013%E0%B8%AA%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B8%95%E0%B8%B3%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B9%81%E0%B8%AB%E0%B9%88%E0%B8%87%E0%B8%8A%E0%B8%B2%E0%B8%95%E0%B8%B4...
www.xn--12c4cbf7aots1ayx.com/s_prd_img/ 16 KB
17 KB 1417ms
332ms Image
image/jpeg 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/s_prd_img/21012013%E0%B8%AA%E0%B8%B3%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B8%95%E0%B8%B3%E0%B8%A3%E0%B8%A7%E0%B8%88%E0%B9%81%E0%B8%AB%E0%B9%88%E0%B8%87%E0%B8%8A%E0%B8%B2%E0%B8%95%E0%B8%B4.jpg
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 2dd4d5b016f0312fe5b7673611fee7534a1749421d38f0010186feb5b24698ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:13 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:26 GMT
Server: Apache/2
ETag: "4199-59e0120d7a2c9"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=93
Content-Length: 16793

GET
H/1.1 200
OK %E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%9D%E0%B8%99%E0%B8%AB%E0%B8%A5%E0%B8%A7%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B8%B0%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%9A%E0%B8%B4%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%A9%E0%B8%9...
www.xn--12c4cbf7aots1ayx.com/s_prd_img/ 4 KB
5 KB 1022ms
284ms Image
image/jpeg 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/s_prd_img/%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%9D%E0%B8%99%E0%B8%AB%E0%B8%A5%E0%B8%A7%E0%B8%87%E0%B9%81%E0%B8%A5%E0%B8%B0%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%9A%E0%B8%B4%E0%B8%99%E0%B9%80%E0%B8%81%E0%B8%A9%E0%B8%95%E0%B8%A32.jpg
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 29ccbdfe79b0b168077c12ece53531c998b5ace82bd32487286781509ec6e82f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:12 GMT
Last-Modified: Wed, 08 Sep 2021 06:07:01 GMT
Server: Apache/2
ETag: "113e-5cb75b0d43f88"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=94
Content-Length: 4414

GET
H/1.1 200
OK %E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%9A%E0%B8%B1%E0%B8%8D%E0%B8%8A%E0%B8%B5%E0%B8%81%E0%B8%A5%E0%B8%B2%E0%B8%87.jpg
www.xn--12c4cbf7aots1ayx.com/s_prd_img/ 3 KB
4 KB 319ms
319ms Image
image/jpeg 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/s_prd_img/%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%9A%E0%B8%B1%E0%B8%8D%E0%B8%8A%E0%B8%B5%E0%B8%81%E0%B8%A5%E0%B8%B2%E0%B8%87.jpg
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 1c2ec9753492093bda6ef67d572f1b47451d1aa4ba702915aef375c71695e030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:13 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:33 GMT
Server: Apache/2
ETag: "d83-59e01213a4058"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=92
Content-Length: 3459

GET
H/1.1 200
OK %E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%84%E0%B8%A7%E0%B8%9A%E0%B8%84%E0%B8%B8%E0%B8%A1%E0%B8%A1%E0%B8%A5%E0%B8%9E%E0%B8%B4%E0%B8%A9.jpg
www.xn--12c4cbf7aots1ayx.com/s_prd_img/ 4 KB
4 KB 323ms
323ms Image
image/jpeg 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/s_prd_img/%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%84%E0%B8%A7%E0%B8%9A%E0%B8%84%E0%B8%B8%E0%B8%A1%E0%B8%A1%E0%B8%A5%E0%B8%9E%E0%B8%B4%E0%B8%A9.jpg
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: b2230bec4800a1c1f41282cdea971eb3be0f0deeb0fc2c061711cf6c814cb163

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:13 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:31 GMT
Server: Apache/2
ETag: "f91-59e0121281032"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 3985

GET
H/1.1 200
OK 02102012%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%9B%E0%B8%81%E0%B8%84%E0%B8%A3%E0%B8%AD%E0%B8%87%E0%B8%AA%E0%B9%88%E0%B8%A7%E0%B8%99%E0%B8%97%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%96...
www.xn--12c4cbf7aots1ayx.com/s_prd_img/ 14 KB
14 KB 329ms
328ms Image
image/jpeg 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/s_prd_img/02102012%E0%B8%81%E0%B8%A3%E0%B8%A1%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%9B%E0%B8%81%E0%B8%84%E0%B8%A3%E0%B8%AD%E0%B8%87%E0%B8%AA%E0%B9%88%E0%B8%A7%E0%B8%99%E0%B8%97%E0%B9%89%E0%B8%AD%E0%B8%87%E0%B8%96%E0%B8%B4%E0%B9%88%E0%B8%99.jpg
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: a015f51999f21d2db2f7ba880e7b530bd8424b18f488784694ccf6f1f88bda39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:13 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:16 GMT
Server: Apache/2
ETag: "3762-59e01203b9282"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=99
Content-Length: 14178

GET
H/1.1 200
OK 17092012%E0%B8%98%E0%B8%81%E0%B8%AA.jpg
www.xn--12c4cbf7aots1ayx.com/s_prd_img/ 13 KB
13 KB 362ms
362ms Image
image/jpeg 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/s_prd_img/17092012%E0%B8%98%E0%B8%81%E0%B8%AA.jpg
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: b247c2754d8fd6b3c3f9ee64d67fd16d93ff30bcdbf8955f83cd9055a0638c69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:14 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:25 GMT
Server: Apache/2
ETag: "3427-59e0120c36f06"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=91
Content-Length: 13351

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame 6F6B 39 KB
15 KB 206ms
156ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2581%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25AD%25E0%25B8%259Acom%2F404237596310906&width=255&height=258&colorscheme=light&show_faces=true&border_color&stream=false&header=false

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7dbe0842b587c144bdb5e2ac8e98ddaa581ffe3cffbf8da3fa4005427bbe0033

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--12c4cbf7aots1ayx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:43:12 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: GqaOiS6wa/ZHln7Yg58L8ts5nInrLY0Y5lhlj1yrWnoS6fp0KaGHd0m7oHGFi4GzlUGwRyAhy910XH0rtMvW4Q==
x-xss-protection: 0

GET
H/1.1 200
OK bgOFF.gif
www.xn--12c4cbf7aots1ayx.com/responsive/img/ 158 B
427 B 1368ms
345ms Image
image/gif 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/img/bgOFF.gif
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/prakad2.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 6dc358d9251c5d3838f6928c2b7d9a4f0df98d97fb5c1e4cf7a1fa080de25742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/responsive/prakad2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:13 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:13 GMT
Server: Apache/2
ETag: "9e-59e01200f52a0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=93
Content-Length: 158

GET
H/1.1 200
OK bgDIVIDER.gif
www.xn--12c4cbf7aots1ayx.com/responsive/img/ 300 B
570 B 737ms
486ms Image
image/gif 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/img/bgDIVIDER.gif
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/prakad2.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 751b219b5e00b479f72291d82d001e5a1d76f62f1945774e8b161c9f194c495c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/responsive/prakad2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:12 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:13 GMT
Server: Apache/2
ETag: "12c-59e01200bcc4d"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=95
Content-Length: 300

GET
H/1.1 200
OK bullet-list-related-news.png
www.xn--12c4cbf7aots1ayx.com/responsive/img/ 967 B
1 KB 1400ms
321ms Image
image/png 119.59.116.158
METRABYTE-TH 453 ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/img/bullet-list-related-news.png
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/responsive/prakad2.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.59.116.158 , Thailand, ASN56067 (METRABYTE-TH 453 Ladplacout Jorakhaebua, TH),
Reverse DNS
Software: Apache/2 /
Resource Hash: 1a4a6bf3d8b95e6edb2426c1a5ce01e0dc293c679c11717e5460d0c65b1969d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/responsive/prakad2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 22:43:13 GMT
Last-Modified: Fri, 07 Feb 2020 19:09:14 GMT
Server: Apache/2
ETag: "3c7-59e012016826e"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 967

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0840729773249552&plah=www.xn--12c4cbf7aots1ayx.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24f899b83502b127d8dbe4428b3fb9b4de937eb72d6df8d7572ec40e0496f567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137961
x-xss-protection: 0
server: cafe
etag: 6798711947377103569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:43:12 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame B068 9 KB
4 KB 87ms
27ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--12c4cbf7aots1ayx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Mon, 08 Jan 2024 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/ Frame 6F6B 20 KB
6 KB 83ms
30ms Stylesheet
text/css 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2581%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25AD%25E0%25B8%259Acom%2F404237596310906&width=255&height=258&colorscheme=light&show_faces=true&border_color&stream=false&header=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xXCq6/qryia0kWXvm23HIA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5237
reporting-endpoints
x-fb-debug: JUDsVWDePycwoWveuQE9gg8vrQs/nyJMutPycndi0F+sSLr0W1enYOnjwgCFjldOw2y7wywk/l0URC1RQ9uXag==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 18 Dec 2024 13:45:11 GMT

GET
H2 200 iZpNYL8JfUb.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 6F6B 355 KB
92 KB 84ms
31ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/iZpNYL8JfUb.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ca15ac1540010cea7015b4e4ec35c33cd999430f4bd5221b94e66d319456b2b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xsO4Q3RmuC1PPAMeNJW+pw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93994
reporting-endpoints
x-fb-debug: uD+St5BSBmQTrYb0G+YOzEiaVI97v7rXPmT0lmDiYyPvSB1K+tNiPRnjNjWEwhniluHiHo38haNAvkdtm6hRqw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 20 Dec 2024 01:03:45 GMT

GET
H2 200 teTZ2tZqwkq.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 6F6B 7 KB
2 KB 84ms
31ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/teTZ2tZqwkq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5bcb3ba5be62072a5be691a6cb4625b83ab20458f7543e78575c665ce64743c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qO1vcfOdsbovoV9UmybnhA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2250
reporting-endpoints
x-fb-debug: gPcPgw1fz9zlOd7EXyNFcZHgCJdSmDb9V+HX4rb7bRAg10unIIuXFtzsrSU5PUwpc2YO/968jGIbWVdF+QLlnA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 23 Dec 2024 16:37:40 GMT

GET
H2 200 414NUtwuGAO.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame 6F6B 94 KB
27 KB 104ms
51ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/414NUtwuGAO.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7a8490d7353f4d29b7a7c0e0da1a610d1067d0bfdbb8d88df5764651b9d25fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hmfTcKzH8YSfKfUldK7oUw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27400
reporting-endpoints
x-fb-debug: +6/S2tMHA3+5ok7G8q6t2558aCrxYMKnXbNCXrIBY3W7SrVe2wZf55g66xpH227TrN2D/XJB3nFF7cf8OP+G9w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 23 Dec 2024 16:37:40 GMT

GET
H2 200 t_SlUrtqj3p.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame 6F6B 52 KB
17 KB 105ms
51ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/t_SlUrtqj3p.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

369570af203fe832b39be7ff64f94f07b6c97c928b733a9b9e6c8bcf1a98652c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: bjNrzrx9as9CpDFfF+BSww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16795
reporting-endpoints
x-fb-debug: mhETVYqfjc47xGxHDjwoMnZI2GiNPCV3I4FPt++cUNEOKejkSmsYeOK/ukmECJs3VfAIWhkFS4YhVYg1elZVeA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 23 Dec 2024 16:37:40 GMT

GET
H2 200 y1wKntgIB6R.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/yi/l/de_DE/ Frame 6F6B 70 KB
20 KB 105ms
52ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/yi/l/de_DE/y1wKntgIB6R.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1511fef487a5a04cf2a5c0440b5b47b0d3453f99d93b3663f226e5d254a2c0ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CHSJUBcbrKevEs4bKO5USQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20119
reporting-endpoints
x-fb-debug: OENf9c8AHbGpHeOPIKx48YbXK09a4v9pQtU34A823LHKVVr62reyXRSWiVMGsObqAzc96tmW6FN7srQAYk/hpw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 19 Dec 2024 21:38:26 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 6F6B 507 B
759 B 83ms
30ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:43:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: 54kOmNtPvXlAtO/OGPlsJJnbK8LcHbsZ8r7lH8Rd20xOgfghHHVTX2/Hl7abD8GZbQzJaoH9y/16M2fy+4pJ0g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 17 Dec 2024 07:36:55 GMT

GET
H2 200 352202006_218456627701274_6756923509040587521_n.jpg
scontent.xx.fbcdn.net/v/t39.30808-1/ Frame 6F6B 1 KB
2 KB 90ms
31ms Image
image/jpeg 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t39.30808-1/352202006_218456627701274_6756923509040587521_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=103&ccb=1-7&_nc_sid=4da83f&_nc_ohc=hyhNMp-2fEUAX_riqkE&_nc_ht=scontent.xx&edm=AEDRbFQEAAAA&oh=00_AfCszBIovHaTeHMTk26uH2SWYS624NqWlOyBi4gBJu-cSQ&oe=658E40E1
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2F%25E0%25B8%259B%25E0%25B8%25A3%25E0%25B8%25B0%25E0%25B8%2581%25E0%25B8%25B2%25E0%25B8%25A8%25E0%25B8%259C%25E0%25B8%25A5%25E0%25B8%25AA%25E0%25B8%25AD%25E0%25B8%259Acom%2F404237596310906&width=255&height=258&colorscheme=light&show_faces=true&border_color&stream=false&header=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: efbafa1c2dc05f9956826b3764660b80b0a523f22623c56fff8a14cfca74b249

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:12 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 08 Jun 2023 13:16:40 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3104270548
thrift_fmhk: GBBg9k4KXDks9039PgWKSUtZFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 603343112
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1230

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2090 461 KB
127 KB 615ms
613ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&adk=1812271804&adf=3025194257&lmt=1703544192&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544192274&bpp=3&bdt=1750&idt=193&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8297435567579&frm=20&pv=2&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=210

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-0840729773249552&plah=www.xn--12c4cbf7aots1ayx.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba1997f13a9a9fe348856527a3c4fa3bfdf77052eccd5b94b8ecfb60bcde05aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--12c4cbf7aots1ayx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 129716
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:43:13 GMT
expires: Mon, 25 Dec 2023 22:43:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 17C1 131 KB
43 KB 477ms
476ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=280&slotname=1690737932&adk=3129314618&adf=980083703&pi=t.ma~as.1690737932&w=729&fwrn=4&fwrnh=100&lmt=1703544192&rafmt=1&format=729x280&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544192277&bpp=1&bdt=1753&idt=215&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=273&ady=1023&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=220

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f42a06bfc3875268c9e2a7cf71b69a0cf1792491ff62fb5e1d849429b1cd5d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--12c4cbf7aots1ayx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44015
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:43:12 GMT
expires: Mon, 25 Dec 2023 22:43:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 6F6B 573 B
712 B 61ms
30ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 25 Dec 2023 22:43:12 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: x5e4cdNt7n4VqPnUfVRUVCwLgJrGur0Dhv1mghgjq4tcXr7RVrbZyQO4e26w5sLzuyoCQ2Vd/LAEWGbcpGoeZQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1,i
expires: Wed, 11 Dec 2024 00:49:54 GMT

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 17C1 8 KB
4 KB 92ms
29ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=280&slotname=1690737932&adk=3129314618&adf=980083703&pi=t.ma~as.1690737932&w=729&fwrn=4&fwrnh=100&lmt=1703544192&rafmt=1&format=729x280&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544192277&bpp=1&bdt=1753&idt=215&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=273&ady=1023&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 04:39:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3480
x-xss-protection: 0
server: cafe
etag: 1596694241577312856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 04:39:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 17C1 14 KB
2 KB 99ms
36ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 22:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 22:13:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Dec 2023 22:43:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 17C1 2 KB
875 B 30ms
29ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 17C1 23 KB
9 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 17C1 3 KB
1 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 17C1 20 KB
9 KB 90ms
28ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 17C1 203 KB
65 KB 108ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:43:13 GMT

GET f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 17C1 0
0

GET
H2 200 3476445066299407086
tpc.googlesyndication.com/simgad/2533312358236032979/ Frame 17C1 82 KB
83 KB 29ms
29ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2533312358236032979/3476445066299407086

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41df37eb76edace45dc1e786798badf87d8ad1b4643b47526400751d1f8f5a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:05:52 GMT
date: Tue, 19 Dec 2023 09:05:52 GMT
x-content-type-options: nosniff
age: 567441
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84406
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 18:04:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 17C1 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17C1 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 17C1 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9df730dfad6435ec8aa184f48fe947ef12587d0deed88f4ef84196c2dbc4fea3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

845f85e1514e9daf9bbdce8848cfb2291516fd1c08b33b5442866771fdcae064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56013
x-xss-protection: 0
server: cafe
etag: 12003103348929325532
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:43:13 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 57A7 26 KB
12 KB 762ms
761ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6997a1c113e1456f6e1a6f5d1518d65699edfde404d7094f247c0b133f5aaec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--12c4cbf7aots1ayx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12395
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:43:13 GMT
expires: Mon, 25 Dec 2023 22:43:13 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 17C1 33 KB
34 KB 105ms
35ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 21:01:51 GMT
x-content-type-options: nosniff
age: 438082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 21:01:51 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 944A 9 KB
4 KB 35ms
34ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--12c4cbf7aots1ayx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Mon, 08 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 35F5 9 KB
4 KB 34ms
34ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--12c4cbf7aots1ayx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Mon, 08 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame FC79 9 KB
4 KB 34ms
34ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--12c4cbf7aots1ayx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 04:17:07 GMT
etag: 5585625838579639069
expires: Mon, 08 Jan 2024 04:17:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 944A 6 KB
779 B 41ms
40ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 22:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 21:13:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Dec 2023 22:43:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 944A 2 KB
822 B 29ms
29ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 944A 23 KB
9 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 944A 3 KB
1 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 944A 20 KB
8 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 944A 203 KB
64 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:43:13 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 944A 37 KB
15 KB 111ms
37ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 13:56:43 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0AA4 624 B
246 B 76ms
75ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEJ_18b0CGNz3hLQBMAE&v=APEucNWd81Pbv3hQIlbcPEEFjYR56Hv3a8hKCp234b0DOP-SI2Tbdf5SKCAWhb6-Mvd5u6XHpDNuEzy2W5JnAahu0HfC6aZmbHNAGIVjU9d6HwlQYoJSW_TvJZhU2ojb4iFQLzjyaRJAuL_vy3NABQHiCec7FmF9MgYAa77XyS4dUM-_uOsT3hk

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:43:13 GMT
expires: Mon, 25 Dec 2023 22:43:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C4A8 172 KB
61 KB 116ms
34ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 11:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38678
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 11:58:35 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame C4A8 7 KB
3 KB 37ms
33ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 08:59:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame C4A8 23 KB
9 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 00:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79181
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 00:43:32 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C4A8 41 KB
14 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 550437
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 13:49:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C4A8 3 KB
1 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame C4A8 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4A8 203 KB
64 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:43:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4A8 42 B
63 B 69ms
68ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CRaPyRrV-Gs_AqKnasvLUOFcbs8D7uxCMq8jcYSr0uGbvdot8Bgjpkh-O1dd6EeWDjNPq2kVH6BFeduZr6-ni6yZMVqVCafx3U2_nBJWy_9Ln5APE

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FC79 6 KB
779 B 43ms
43ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 25 Dec 2023 22:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Dec 2023 20:52:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Dec 2023 22:43:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FC79 2 KB
822 B 32ms
32ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame FC79 23 KB
9 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FC79 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame FC79 20 KB
8 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:49 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC79 203 KB
64 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:43:13 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame FC79 37 KB
15 KB 56ms
33ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 13:56:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 24 Mar 2024 13:56:43 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/4270467728249758103/ Frame FC79 24 KB
24 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4270467728249758103/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8158ec4920e56424c77cc2077a031ae47cc35e0b2554aef8dc3ca4cb5caea56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 20 Dec 2024 13:53:00 GMT
date: Thu, 21 Dec 2023 13:53:00 GMT
x-content-type-options: nosniff
age: 377413
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24112
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 15:47:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15267063501302224999/ Frame FC79 970 B
998 B 57ms
57ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15267063501302224999/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c938f540999b5c15290702b05e7aeb22190a8148adf8ec4b768de6e4170ea28a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 23:13:21 GMT
date: Tue, 19 Dec 2023 23:13:21 GMT
x-content-type-options: nosniff
age: 516592
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 970
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 15:47:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 17C1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CtFX-gAWKZaXmH7aG7_UP572IyAeFj8z-dOrFhK-LEpSWseLePxABIIyHpiBglaKkgrAHoAHp_fXPA8gBCagDAcgDywSqBOIBT9Dpcd02-tIYDikH0-wdIKhDOUGCTJbTaeAxaBLEXTva1lT...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222075792502064623650%22,%22debug_reporting%22:true,%22destination%22:%22https://bestsearches.net%22,%22event_report_window%...

0
0

145ms
72ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222075792502064623650%22,%22debug_reporting%22:true,%22destination%22:%22https://bestsearches.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22972914409%22],%2222%22:[%22true%22],%224%22:[%2212-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214188346328504241505%22}&andc=true

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2075792502064623650","debug_reporting":true,"destination":"https://bestsearches.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"22":["true"],"4":["12-25"],"6":["true"]},"priority":"500","source_event_id":"14188346328504241505"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Dec 2023 22:43:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 22:43:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2075792502064623650","debug_reporting":true,"destination":"https://bestsearches.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["972914409"],"22":["true"],"4":["12-25"],"6":["true"]},"priority":"500","source_event_id":"14188346328504241505"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame 2ABC 51 KB
19 KB 37ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 18:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Dec 2024 18:08:59 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7185 38 KB
13 KB 34ms
34ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 548554
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 14:20:39 GMT
expires: Wed, 18 Dec 2024 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 0AA4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE99MUvnj2MSt1QDnabgmF8&google_cver=1

43 B
339 B

93ms
93ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE99MUvnj2MSt1QDnabgmF8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEJ_18b0CGNz3hLQBMAE&v=APEucNWd81Pbv3hQIlbcPEEFjYR56Hv3a8hKCp234b0DOP-SI2Tbdf5SKCAWhb6-Mvd5u6XHpDNuEzy2W5JnAahu0HfC6aZmbHNAGIVjU9d6HwlQYoJSW_TvJZhU2ojb4iFQLzjyaRJAuL_vy3NABQHiCec7FmF9MgYAa77XyS4dUM-_uOsT3hk
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rJH7qHbNoiVkIXsjHVzeHCNrXVmzOI1WY746nA6yJmoMrPZUvvO6KlK%2BYq1EKP0Ahzk%2BDiki%2Fg0UrOzcxUbcvoGvPdYdr9d75MNTtBKJP8uBF2ZyJzmj6Mwl25w5ueY1oC8hkURD%2BL1ZPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b49a0a8cca4541-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEE99MUvnj2MSt1QDnabgmF8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 0AA4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYoFgQOBk0QRtABo4tvm7QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJo2IH76Wx3AIaY2FjKkD9I&google_cver=1

43 B
326 B

61ms
61ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJo2IH76Wx3AIaY2FjKkD9I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEJ_18b0CGNz3hLQBMAE&v=APEucNWd81Pbv3hQIlbcPEEFjYR56Hv3a8hKCp234b0DOP-SI2Tbdf5SKCAWhb6-Mvd5u6XHpDNuEzy2W5JnAahu0HfC6aZmbHNAGIVjU9d6HwlQYoJSW_TvJZhU2ojb4iFQLzjyaRJAuL_vy3NABQHiCec7FmF9MgYAa77XyS4dUM-_uOsT3hk
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOiIqArV3BRGmyjNPl8nIw1swc1ToU0KgcP3gG56%2B64OwY%2Ffet3UhS7Mio78xp4wDqiNnf90drA%2BeLXQ0ipVbc5r%2FWvd%2FxFCPQql1Pk4MdEsMcKimEOHKbrHHu2iFUAD0BSC1Derowmcig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b49a0b4e2d4541-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJo2IH76Wx3AIaY2FjKkD9I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 0AA4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELYN2C3XGeFucTCGVD8Cw6E&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELYN2C3XGeFucTCGVD8Cw6E%26google_cver%3D1

43 B
895 B

53ms
53ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELYN2C3XGeFucTCGVD8Cw6E%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN8DEJ_18b0CGNz3hLQBMAE&v=APEucNWd81Pbv3hQIlbcPEEFjYR56Hv3a8hKCp234b0DOP-SI2Tbdf5SKCAWhb6-Mvd5u6XHpDNuEzy2W5JnAahu0HfC6aZmbHNAGIVjU9d6HwlQYoJSW_TvJZhU2ojb4iFQLzjyaRJAuL_vy3NABQHiCec7FmF9MgYAa77XyS4dUM-_uOsT3hk

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
an-x-request-uuid: 54660792-d888-413b-8db1-02449a3d14fe
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.131; 217.114.215.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
an-x-request-uuid: 552ec328-c3c1-4a19-97ed-6db0ff68fcf4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELYN2C3XGeFucTCGVD8Cw6E%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.131; 217.114.215.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0AA4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0OTIxODI5NTU4NzU0NzMyNQ%3D%3D

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0OTIxODI5NTU4NzU0NzMyNQ%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
an-x-request-uuid: a5bd95d8-cd4e-43c8-ace1-ae5a67aa2faa
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg0OTIxODI5NTU4NzU0NzMyNQ%3D%3D
x-proxy-origin: 217.114.215.131; 217.114.215.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FC79 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45323d7e874b88d68ed00fbb2a226b8e0cbc7f776ce930de33e96d09cb59632a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 165ms
77ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 22:43:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/4270467728249758103/ Frame 944A 26 KB
26 KB 33ms
32ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4270467728249758103/2076313506083323656

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bcadbc52cc7d5d4043666f1e9641f75f918e5fdecc8c99e17e1c0a9a02ad6cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 05:29:52 GMT
date: Tue, 19 Dec 2023 05:29:52 GMT
x-content-type-options: nosniff
age: 580401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26623
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 15:47:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/15267063501302224999/ Frame 944A 970 B
998 B 30ms
30ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15267063501302224999/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c938f540999b5c15290702b05e7aeb22190a8148adf8ec4b768de6e4170ea28a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 23:13:21 GMT
date: Tue, 19 Dec 2023 23:13:21 GMT
x-content-type-options: nosniff
age: 516592
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 970
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 15:47:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 944A 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 944A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c80751db16c41b3491a5fefb8c1308e5b108c740fc57a5d160ba7b8634582cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 944A 15 KB
16 KB 31ms
30ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 281032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 944A 15 KB
15 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 00:01:51 GMT
x-content-type-options: nosniff
age: 600082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 00:01:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 944A 15 KB
15 KB 77ms
77ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 568144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:54:09 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7185 39 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FC79 15 KB
16 KB 75ms
74ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 281032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 16:39:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FC79 15 KB
15 KB 76ms
76ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 00:01:51 GMT
x-content-type-options: nosniff
age: 600082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 00:01:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FC79 15 KB
15 KB 77ms
77ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:54:09 GMT
x-content-type-options: nosniff
age: 568144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:54:09 GMT

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame BA4F 51 KB
19 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 18:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Dec 2024 18:08:59 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 944A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CisLPgAWKZeOkH6LY9u8PiMyykAzUu6jQdLTpo9jMEtnZHhABIIyHpiBglaKkgrAHoAGvyvjFA8gBCakCEWOGTlF4sj6oAwHIA8sEqgTkAU_Qag2b4cd3BvkppCL47SA1wbhIwKcpq97JHnU...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223498390857869573359%22,%22debug_reporting%22:true,%22destination%22:%22https://mey.com%22,%22event_report_window%22:%22259...

0
0

108ms
70ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223498390857869573359%22,%22debug_reporting%22:true,%22destination%22:%22https://mey.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951985455%22],%2222%22:[%22true%22],%224%22:[%2212-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218389877005472444065%22}&andc=true

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3498390857869573359","debug_reporting":true,"destination":"https://mey.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["951985455"],"22":["true"],"4":["12-25"],"6":["true"]},"priority":"500","source_event_id":"18389877005472444065"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Dec 2023 22:43:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 22:43:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3498390857869573359","debug_reporting":true,"destination":"https://mey.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["951985455"],"22":["true"],"4":["12-25"],"6":["true"]},"priority":"500","source_event_id":"18389877005472444065"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 27 KB
4 KB 109ms
41ms Document
text/html 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

250d1754276fdbf27801c0b29972957008a92485b0ba73f5c1b827d883db4eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:43:13 GMT
expires: Tue, 24 Dec 2024 22:43:13 GMT
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame C4A8 0
0 180ms
84ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstzd3gtJGGI-0wykqCfHPrLy3kid-INHfla6HXS81TchfC2eG3NQyDJzygWlz_dCLjWPUXn3xufgQBy6_-Yju7Swr1PPiFc9envkKLC4qDKSp38gkRVx0A1JLRagjKyDXA-CDsB91ssxhgGNWE1UjorwJbGqcMEVFvsRF79a7j1fpNSWgE9IgwAaCLrENwL9TNhxyzMkECsy_3mJjmf9rjO9LU1cUgwmYooNkWh4PTih_pW9t5Glw0V_M8Dbe8abECQxJIHJDvkLp7pU78ffdAke9_XHFsuFoTLr1htczlX2Civ99DAuqwCq64c0yNNKYyVXDdiu5NL40XluSFGbWVuEu0pp7BSkLvxSnVZrVRAvMjGFw7y9Q2lD_rJ-Rc9Gd5C-4GKvgXuZfEm-NIHQ-o2JwoDCfLpYsAc4LnQzC6vm9_m7m22vA3hPgmY4GmfQbZyyrw378iJXRB1WgfFC4vwDP3aFmBvs4ZjQmYzFrfMSL7nJlv8JzHhfl4HZW5T_8Y4fJYEAJMavET0dGr8BJUqoO_li0aTTZSAqSD0rjMk8PwEn71JCoA1KnBfT8Qe6kG-02WF2mlsumB1Aw3ONphVGQH28doUMocISGMvhiJnkeQRtnUpwbsFjUdxQKNsdE9nprs7ifG7QQsj8eJvqTOO9_aiq5jvLhtJNCEJJF4my--b7OxPo3wghbDZ9BEDUKjfWmz7TC1XruJZ5dXJ6WXlh6gqQeyb1NV5UWehecxwLkKPpZKvfZ336grA9ILY0slW3Ty5uxO_pdATvAufVR_ZlJrkNU67C7McofC_5r1RQ4vIz8p4ZrNOrFm-vrb_IIldtVsWWbmrgkPqLaLKVEfrcICsEXD5tf_CA-VJ2BlcntXrxJuOOgXRLb_sYYx9qqr_iQPfzD6SLpVzB5ReiVAIhOSwT0qFGhpZxjnT9tzLdDuCnS_GQoMB6GX0vM0BQdZdFpbfU9Tjpdk7FQA0BmGjaWYwrrVpE3IHOpq8mXWEOEcSI9laFjk3kZCjckfN81mWAdhZjiyMaHT6gA_8f1UWGlFvv9N37Fi_o9ktjeUxvAQQICq8qMgxfHdrXsSuMuPzF9CZ6WnSX2hP1iOqj7x32qLnPcZ7vXhezfp86QuHsX9e_bAaT6UBQXaAdWtiatq9n3UAP3vIrXsfj6U4_Dpen_IuWceTSVeDPgX6-IBw5gTQbAYaXni6KNAh18wz5cjKi29usZj6qMjwroW1PXzLT48Nx3ldbQQzyZgD3kjqebkBAUpGmGUZYwTL-k2ADzqmKlrkgnvwToKaRsCuA2_QtxTBUVQ1FhAMDagaDyVfbGomyq0FPsFZkrsCe_FIV8AVWNLUwKZXQqCJJZ8ozNIeRaVKQERCiT5BoEjgMmGYhFM9sCxQxprq6vJpqLjHVQvW&sai=AMfl-YRc31Mt0yaeJnddwjCYvvfp0FC4fHeGQGPfRBaDuuCnKB7Lya9mDF8SZ0_Suj2IMnUKAbr-b-Ney1PGv3zRT-ODxvvoFf6DgCDP3_1SxgUUHDUAjW5MVnrd0Nd8LCyVYv3nzjCAw0Qm6GgaapqSUaOQeRPk5PuA7lMbxhlK278jTIoeMweEPjuZQRQ-lT1AtHS2d5_aaKLlKM_Cm6zRJwt6TfukeXc-edM6QUVKPk4x44Zg1ShSHO86ELxyhdHcUsjVFimRoYs7KCV8Q5L_NKJ2_-JjA_XP4UjhgAzZKNi_F2NKVPVdwG7hLyxpSw2KFNoivwTov0twN2to4T2HbJFZXFPlsMfHaa2w5fI85EgnEXndoMWiqxCDkycZm8hi0bct5O1JiUudYBYUcjzsnY0hTzox4MzM_v0vrYCu8RaaqKKAoyRX1RpsRYv3xHwzrOJaDfWimeqokHux2cLBa4rT0TMDG8O5UDxpEaUjYvcVDfK3Y9yE5HIV_4S7rUk924R97TgqgiFC3w&sig=Cg0ArKJSzN_Y0etPWkU2EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tb3VzZXIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=179&cbvp=1&cstd=174&cisv=r20231207.83995&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 22:43:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FC79
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cet0KgAWKZeWkH6LY9u8PiMyykAzUu6jQdLTpo9jMEtnZHhABIIyHpiBglaKkgrAHoAGvyvjFA8gBCakCEWOGTlF4sj6oAwHIA8sEqgTlAU_QneqQPx9nf5sYFBC4WJWXk6ax1lcsLcIqTMd...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222163236545330934312%22,%22debug_reporting%22:true,%22destination%22:%22https://mey.com%22,%22event_report_window%22:%22259...

0
0

68ms
68ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222163236545330934312%22,%22debug_reporting%22:true,%22destination%22:%22https://mey.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22951985455%22],%2222%22:[%22true%22],%224%22:[%2212-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225905639369068306065%22}&andc=true

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2163236545330934312","debug_reporting":true,"destination":"https://mey.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["951985455"],"22":["true"],"4":["12-25"],"6":["true"]},"priority":"500","source_event_id":"5905639369068306065"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 25 Dec 2023 22:43:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 22:43:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2163236545330934312","debug_reporting":true,"destination":"https://mey.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["951985455"],"22":["true"],"4":["12-25"],"6":["true"]},"priority":"500","source_event_id":"5905639369068306065"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 73ms
73ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 22:43:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js Show response
pagead2.googlesyndication.com/bg/ Frame DEDE 51 KB
19 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5hpSdEAdCYypbNizbkAw91vLZEBHsYzw3rH5Fshj8SY.js

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Dec 2023 18:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 102854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19933
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 23 Dec 2024 18:08:59 GMT

GET
H3 200 gwdpage_style.css
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 55 B
104 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 14:47:48 GMT
date: Mon, 25 Dec 2023 14:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpagedeck_style.css
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 731 B
264 B 42ms
39ms Stylesheet
text/css 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 20 Dec 2024 14:05:25 GMT
date: Thu, 21 Dec 2023 14:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376668
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdgooglead_style.css
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 24 B
73 B 39ms
37ms Stylesheet
text/css 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 13:53:15 GMT
date: Mon, 25 Dec 2023 13:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31798
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdimage_style.css
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 281 B
188 B 37ms
35ms Stylesheet
text/css 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 17:41:06 GMT
date: Mon, 25 Dec 2023 17:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18127
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdattached_style.css
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 26 B
74 B 48ms
46ms Stylesheet
text/css 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwdattached_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Mon, 25 Dec 2023 22:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Dec 2024 22:43:13 GMT

GET
H3 200 gwdtaparea_style.css
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 157 B
145 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 21 Dec 2024 16:40:10 GMT
date: Fri, 22 Dec 2023 16:40:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280983
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 20 KB
6 KB 42ms
40ms Script
application/x-javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 01:43:40 GMT
date: Tue, 19 Dec 2023 01:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593973
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6276
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 googbase_min.js Show response
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 400 B
309 B 62ms
60ms Script
application/x-javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 00:48:10 GMT
date: Tue, 19 Dec 2023 00:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 275
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpage_min.js Show response
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 3 KB
1 KB 43ms
42ms Script
application/x-javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 02:40:02 GMT
date: Tue, 19 Dec 2023 02:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590591
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdpagedeck_min.js Show response
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 8 KB
3 KB 58ms
57ms Script
application/x-javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 02:24:08 GMT
date: Tue, 19 Dec 2023 02:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 591545
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3191
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame C30A 116 KB
39 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 08:50:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49979
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 08:50:14 GMT

GET
H3 200 gwdgooglead_min.js Show response
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 13 KB
4 KB 46ms
45ms Script
application/x-javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 22 Dec 2024 08:52:19 GMT
date: Sat, 23 Dec 2023 08:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4481
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdimage_min.js Show response
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 5 KB
2 KB 45ms
43ms Script
application/x-javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Fri, 20 Dec 2024 08:02:28 GMT
date: Thu, 21 Dec 2023 08:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2014
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdattached_min.js Show response
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 1 KB
620 B 44ms
43ms Script
application/x-javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwdattached_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 09:00:01 GMT
date: Tue, 19 Dec 2023 09:00:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 567792
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 590
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdtexthelper_min.js Show response
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 7 KB
3 KB 69ms
68ms Script
application/x-javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwdtexthelper_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 22 Dec 2024 11:10:50 GMT
date: Sat, 23 Dec 2023 11:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214343
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2823
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdtaparea_min.js Show response
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 3 KB
1 KB 70ms
69ms Script
application/x-javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 19:06:33 GMT
date: Mon, 25 Dec 2023 19:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13000
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1356
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwdgpadataprovider_min.js Show response
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 3 KB
1 KB 66ms
65ms Script
application/x-javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwdgpadataprovider_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 22 Dec 2024 08:01:41 GMT
date: Sat, 23 Dec 2023 08:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1293
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwddatabinder_min.js Show response
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 5 KB
2 KB 67ms
66ms Script
application/x-javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwddatabinder_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sat, 21 Dec 2024 00:04:18 GMT
date: Fri, 22 Dec 2023 00:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 340735
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2351
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gwd-dynamic-binders.js Show response
s0.2mdn.net/sadbundle/10216343982835143903/ Frame C30A 23 KB
9 KB 63ms
62ms Script
application/x-javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10216343982835143903/gwd-dynamic-binders.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9ef1ee20fc901caf4d6013633f0d56592523d62ae955afc869405b319b22310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Tue, 24 Dec 2024 14:47:48 GMT
date: Mon, 25 Dec 2023 14:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9259
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 11:22:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7185 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BhXnfgAWKZeSkH6LY9u8PiMyykAwAAAAAOAHgBAI&bg=!MjGlMX7NAAY3kmNgF5I7ADQBe5WfOMkMWhXarAF1amZmVKUbAPjJ7HWadMZpXqGIyseuy6wwJ2_wACsgOD4Afyogu6nXAgAAAFlSAAAAAWgBB5kDblbxvg-BvmhW9E_9pHsXKv5JqdSTggf2irgRxkzhmWw3GBlkox-a7XuGADSBfAHIgIMC580GRLNGRYKjNTK3Quby8c0PYLVvRg_5Ptwbzf1rBcybEAR5uV5nKjT_2_oTNoHPS74Y9Ft75QjBKhLowM_yjCka6H-ojKRYd97qWs3W0h3fYnxcQmY9PaYgEtmLNnSdaLNgkwwZBp1lbzBPp4TwGreQPtKYeH5f_5lfcu9tlaOYr8y_alcku0fkSIaZ56RNGdfBFIssZ7MsG-KrTpgUqZeveu7gMSNbRXpdXD3i_jopFiROPHTfvdnKU6tP_kgbNAsHrqGgVii7GKz2qgxEZDSB6UpS9_c8EkPowxbErwLypAG60mBWKC5yKY11Qcyevd0lGhajK2umFycO0CW-SbPUNpTDDRb8oo2dQNz4-1lPuiCZfgFOVeRU4ZHVbEZOVzbRBU9qVC5npOq_jzt1awWGNiH8r5ici9rUi4Gtmk1wuAaKe_1lTy9A277s0UXL6KYCHNzDrFUvj5lskYQn_ZAsYAA3Wqct7cxhO2RGf3wtp33SJLnT5d04e1YS38auZtY0l0VgnIrZTUCMiGGFe6okQB2nAxbsgU4utWr9yvImqsEXKygC0m-FQyqyuSd4jp8CeVmd8NZt-R1mYh6LRBsYaf8WH-P0xcanCbKbM4-4LqbqxeIGGDBUlYPKE6WBq4m4ZvC58TZLBE5Ciox3tcuHH4D2e1MuIaWoEn3ihLwnEiNifjWtNVWW_oLcg282mHIMJAJrYyyR3pmn3HRhhV8RvtoK4QvCajd65dLY_SawdjTcfkxvHRgjmT8Yw_HTq0feEca0s1tZRX75n_p0nXuZ6pd6NppxYXSf9yepFLdkhgpckylsIWeqHvgzhIIHcPYZl_rtqC87BpHHekUTdYAG3C2uH872cxiCKC--wdiJMt3DGWdgNG3jwd2yPoNhv1PKzib-2MXN7UFqHVlHl2D5LOd_BuGd8tYejaN_fVfoLEiMeLvWq9L7t1E9crxx4kY9ipOEyw76utvLtqmFOWF0Wg1bkefqasoa4nk9IfQRZozFQIM0XoZFAHCKmRk-2IoRdS4XwV5mX_Md4cS1L2A-t9_ppUVHYv-cU_OKDmjuFx6MRDpBIOyq7sdxzUdGk9pTSwM8SOhfNy3s

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 69ms
69ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 25 Dec 2023 22:43:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame C4A8 0
0 70ms
70ms Fetch
image/gif 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstzd3gtJGGI-0wykqCfHPrLy3kid-INHfla6HXS81TchfC2eG3NQyDJzygWlz_dCLjWPUXn3xufgQBy6_-Yju7Swr1PPiFc9envkKLC4qDKSp38gkRVx0A1JLRagjKyDXA-CDsB91ssxhgGNWE1UjorwJbGqcMEVFvsRF79a7j1fpNSWgE9IgwAaCLrENwL9TNhxyzMkECsy_3mJjmf9rjO9LU1cUgwmYooNkWh4PTih_pW9t5Glw0V_M8Dbe8abECQxJIHJDvkLp7pU78ffdAke9_XHFsuFoTLr1htczlX2Civ99DAuqwCq64c0yNNKYyVXDdiu5NL40XluSFGbWVuEu0pp7BSkLvxSnVZrVRAvMjGFw7y9Q2lD_rJ-Rc9Gd5C-4GKvgXuZfEm-NIHQ-o2JwoDCfLpYsAc4LnQzC6vm9_m7m22vA3hPgmY4GmfQbZyyrw378iJXRB1WgfFC4vwDP3aFmBvs4ZjQmYzFrfMSL7nJlv8JzHhfl4HZW5T_8Y4fJYEAJMavET0dGr8BJUqoO_li0aTTZSAqSD0rjMk8PwEn71JCoA1KnBfT8Qe6kG-02WF2mlsumB1Aw3ONphVGQH28doUMocISGMvhiJnkeQRtnUpwbsFjUdxQKNsdE9nprs7ifG7QQsj8eJvqTOO9_aiq5jvLhtJNCEJJF4my--b7OxPo3wghbDZ9BEDUKjfWmz7TC1XruJZ5dXJ6WXlh6gqQeyb1NV5UWehecxwLkKPpZKvfZ336grA9ILY0slW3Ty5uxO_pdATvAufVR_ZlJrkNU67C7McofC_5r1RQ4vIz8p4ZrNOrFm-vrb_IIldtVsWWbmrgkPqLaLKVEfrcICsEXD5tf_CA-VJ2BlcntXrxJuOOgXRLb_sYYx9qqr_iQPfzD6SLpVzB5ReiVAIhOSwT0qFGhpZxjnT9tzLdDuCnS_GQoMB6GX0vM0BQdZdFpbfU9Tjpdk7FQA0BmGjaWYwrrVpE3IHOpq8mXWEOEcSI9laFjk3kZCjckfN81mWAdhZjiyMaHT6gA_8f1UWGlFvv9N37Fi_o9ktjeUxvAQQICq8qMgxfHdrXsSuMuPzF9CZ6WnSX2hP1iOqj7x32qLnPcZ7vXhezfp86QuHsX9e_bAaT6UBQXaAdWtiatq9n3UAP3vIrXsfj6U4_Dpen_IuWceTSVeDPgX6-IBw5gTQbAYaXni6KNAh18wz5cjKi29usZj6qMjwroW1PXzLT48Nx3ldbQQzyZgD3kjqebkBAUpGmGUZYwTL-k2ADzqmKlrkgnvwToKaRsCuA2_QtxTBUVQ1FhAMDagaDyVfbGomyq0FPsFZkrsCe_FIV8AVWNLUwKZXQqCJJZ8ozNIeRaVKQERCiT5BoEjgMmGYhFM9sCxQxprq6vJpqLjHVQvW&sai=AMfl-YRc31Mt0yaeJnddwjCYvvfp0FC4fHeGQGPfRBaDuuCnKB7Lya9mDF8SZ0_Suj2IMnUKAbr-b-Ney1PGv3zRT-ODxvvoFf6DgCDP3_1SxgUUHDUAjW5MVnrd0Nd8LCyVYv3nzjCAw0Qm6GgaapqSUaOQeRPk5PuA7lMbxhlK278jTIoeMweEPjuZQRQ-lT1AtHS2d5_aaKLlKM_Cm6zRJwt6TfukeXc-edM6QUVKPk4x44Zg1ShSHO86ELxyhdHcUsjVFimRoYs7KCV8Q5L_NKJ2_-JjA_XP4UjhgAzZKNi_F2NKVPVdwG7hLyxpSw2KFNoivwTov0twN2to4T2HbJFZXFPlsMfHaa2w5fI85EgnEXndoMWiqxCDkycZm8hi0bct5O1JiUudYBYUcjzsnY0hTzox4MzM_v0vrYCu8RaaqKKAoyRX1RpsRYv3xHwzrOJaDfWimeqokHux2cLBa4rT0TMDG8O5UDxpEaUjYvcVDfK3Y9yE5HIV_4S7rUk924R97TgqgiFC3w&sig=Cg0ArKJSzN_Y0etPWkU2EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tb3VzZXIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=392&vt=11&dtpt=213&dett=3&cstd=174&cisv=r20231207.83995&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:13 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C30A 7 KB
6 KB 129ms
75ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c463e5642befc75d0729322eff15936ab41cc19c61dd6253b63275b8069c4adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5764
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C30A 17 KB
6 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 22:43:13 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 57A7 42 B
63 B 65ms
65ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Com2gB48JMpX8lMW2rJKHMDfaZNC1YxiXeYxEhYvFuClMoneI0JE6H_8qBG84AItnRyCJ-jn75ga8zp-LAjoypof1fEpEGrpJPzCtggJ2OjUBibLs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 57A7 89 KB
31 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:43:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 57A7 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 57A7 20 KB
8 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 21:29:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 21:29:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 57A7 0
0 105ms
37ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZ-rVshzq4r8GpTDTmkiWFYi_VGumeTz773cGrYHUVsohoA1Rux61JFHlXhaLjKjaLOwkcjilS2GKoGu50a4nxixCbKg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 57A7 203 KB
64 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 22:43:13 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DC94 624 B
242 B 72ms
72ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY04r9xAEwAQ&v=APEucNVh8v9kupihMGW0vqjnGMaV-bQKkNvVIA4KTK3iEwm9FELE4j_G9GOFEn0sgHRbmT-DpYkpET-FNfA4Ik7jksmmJ_G5wp8ZDAywBA9TbepOu9drpPSh3bnuvksKTrW82GAZdyXHac8hNyTpA4jCNdUgSyGVgvOW20kfaJeBmR_wLWuoGvs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:43:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1892 39 KB
15 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DC94
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTXXoCnl0r0a9m03ZrhNTU&google_cver=1

43 B
735 B

74ms
74ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTXXoCnl0r0a9m03ZrhNTU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY04r9xAEwAQ&v=APEucNVh8v9kupihMGW0vqjnGMaV-bQKkNvVIA4KTK3iEwm9FELE4j_G9GOFEn0sgHRbmT-DpYkpET-FNfA4Ik7jksmmJ_G5wp8ZDAywBA9TbepOu9drpPSh3bnuvksKTrW82GAZdyXHac8hNyTpA4jCNdUgSyGVgvOW20kfaJeBmR_wLWuoGvs
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piDNvSn%2BkDnf67xMdFv6F%2FCAHgpaEab08pTYlk68P0KJo%2BTnXu3IveIEbgTrhoIjJVXsxi0gc2EZgg7ERDDl8seZBsRuI0q0MDb5BVDtre4BLF2xLGhXmoweuP7%2BqH7zWBu%2FVGu7VaLGcg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b49a0cf9c64541-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTXXoCnl0r0a9m03ZrhNTU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame DC94
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYoFgQOBk0QRtABo4tvm7QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTXXoCnl0r0a9m03ZrhNTU&google_cver=1

43 B
742 B

67ms
67ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTXXoCnl0r0a9m03ZrhNTU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY04r9xAEwAQ&v=APEucNVh8v9kupihMGW0vqjnGMaV-bQKkNvVIA4KTK3iEwm9FELE4j_G9GOFEn0sgHRbmT-DpYkpET-FNfA4Ik7jksmmJ_G5wp8ZDAywBA9TbepOu9drpPSh3bnuvksKTrW82GAZdyXHac8hNyTpA4jCNdUgSyGVgvOW20kfaJeBmR_wLWuoGvs
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ha7T5zmRLAB%2Fhy%2BgQkLioE4ARt2AZ%2FB0LBl%2FPrujoZps1f0P%2F4UZAH78rLFGeIajUAv667Q1xeGlajq54SP%2F3TQiZ6IZvWeNi2AdtilCDowE%2BTPIGtq%2FoUfqIE0GdS9Pcx%2FHa6Kj%2FFKsZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83b49a0d7a834541-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGTXXoCnl0r0a9m03ZrhNTU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame DC94
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDK5H5jBOKpvllawqJXBjCk&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDK5H5jBOKpvllawqJXBjCk%26google_cver%3D1

43 B
896 B

67ms
66ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDK5H5jBOKpvllawqJXBjCk%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY04r9xAEwAQ&v=APEucNVh8v9kupihMGW0vqjnGMaV-bQKkNvVIA4KTK3iEwm9FELE4j_G9GOFEn0sgHRbmT-DpYkpET-FNfA4Ik7jksmmJ_G5wp8ZDAywBA9TbepOu9drpPSh3bnuvksKTrW82GAZdyXHac8hNyTpA4jCNdUgSyGVgvOW20kfaJeBmR_wLWuoGvs

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
an-x-request-uuid: 1897bc8f-2fcf-40e7-a842-a13f57c355e9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.131; 217.114.215.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
an-x-request-uuid: 46fd2ea6-477a-4da2-9e1a-8deea79e64fb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEDK5H5jBOKpvllawqJXBjCk%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.131; 217.114.215.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC94
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2MDg0MTU0MjMwNDY0NTE1Mw%3D%3D

170 B
188 B

44ms
44ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2MDg0MTU0MjMwNDY0NTE1Mw%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
an-x-request-uuid: 24fffdeb-1129-4639-9039-66b8b8ef4273
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg2MDg0MTU0MjMwNDY0NTE1Mw%3D%3D
x-proxy-origin: 217.114.215.131; 217.114.215.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 57A7 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3347750119806&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 57A7 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3347750119806&version=m202309260101&ct=76&x=1&cor=13048869193960319000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 57A7 108 KB
41 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHnIcrIwOiMJIEbxesE74XbZ0RnTGJ6MUC6Idtq8UOucvn8BO5klg1Hyk5wBsAaphHQGM9OodhGQJxDAEDhT8y9XpNfYp6Snnaud903IMNzVGeqj3yQgZ5ZjE642zdZp_YUf6NwgtuWiPRsp68DxGxlDDoMWUIX-nVjiT1QRsvX3tPgx8&dbm_d=AKAmf-Ch6WZPItFbNq87oWT9YOcmDEADSJ6Z8qrIrppl2lSTebjy1EAbfwzkew5j77oXvXybOQq6iVAfQW1xng7-k6SYfzPkJ5G7ICvfQIFjbsJk-gc2Z16-nvyDnTNau0vpjGUieBoqB5angiav3ok3HA-CEvlcoK9CGlc1uMtZXy8iAC1RGcjeuyg3GDt61hRy03dNjUlUlGcoyb0WBRfAaOGx2_ngy9Lf6x84i2lufYZuht_sPTCbXrZ2su1yOx2vxaWcqy9o8vQPJhNmpXiXROaIwEs8TK2w-XuX_D64IY5TSZsXhOkk-R7_Z77Mrac80XQEeIhYCZkq_JjCdVeOa84pBVwHzlsRQY_YbYNB1FATAY55TDQPL69k4doVfGOfH2L9fNn_uGQbbml3ZLa8w8sxc2w6X32Tos4Vi32k3AvprxTJmmsu49TzjVkjwPCF_t3tHpTCk0SeRbLaaz6y_CQade9VOHPiv0A6vTdbKaup4qh-Nyjv8L5-zDAqUKuWLLlnYUKpi-ruf7wZBhDzQgs8bZY4HFyx0ln5KDRUDm_XkJ__mVJBK_oHxhGIjhk6-J7P8aC2gh6doaPIx7PxuE7UmKcZDIArzXLSIKe_EiDZR7FKcA-A-bmZoSCjBeiFZrys6uyXWGMxe9ZJAcXjMxV4i5Xn9vh_Dh-m73yNed9ZxYbWYbUeXBweNi3-Z5ZgaBlzP9PwQem4lbpJuY7Gv9L_6sfh-V0zHaYzkek63z-pBs9JM_YqfG-FmLlgDCDmK_5Ey0OiSh5iMwOt_7NQ2iJHZWxqvfzl2GNOcMobdc3a6KcSw1xd8YZV6UlbFJwIyflQPZbiWPVO_fq26x94gRnOlDLCnCPteKsuReFdTImxzTegYwWKiX1TdsBEgph-xFUtc1Hg28N6T_FG04qlP_ps61LqADJRm3wzHicINOotqiR1SNkCWEPEya6FfjwY_z1DkeRlXhcmSgfEbWvL9jXMviZM3aeMgnj9K5vzjf-sUQDLhlMfJCjCWaf-WVEBdzrU5ariyWldCoi-xZJGxznxFgweK_A1qzM3K-hnH_FpuetuZJrwrtLXfwpc0HgJ9q5Um0MA4Rc4nYoTgCAxN7aI3Hje13u9o-ekPsqo2fBHAq-zsSpIUVtjbgekpFcpq_TUvNvYYg3efeZPk3B95QDoysE8SGPz09WIDNbtWlKgr7L1bzqezSQWF9W3PME5STKvtYuXzD7d5Q080gljx-umM7ENplZ4yXtwqJSglMT0qkbQ2OW2O9OppbLbcEuOUrLxRAPbGBqZqmy1SaC8Seo08VgWjDWAhOkSmH59A_RsAe84VL2PcMUQPfL_xE9BQ_1s_DUeGxD88wCA_OdoPiVrYYQZQXu8pguYhgF7OgIgBW5ulADEqf6eRBhHOoQft5LxhyDySVvVSIX5ISeobjICZvDATIgZ2ND8KtRieoWl-Q2Jw7wqh_fbzL2VwFPKmiElitBnL8Lh3swlV3Yxu_5ZvR06tt4u4_VuHJla3N9TB2f4xOz6x9BKDb_P2h8gHT6mR6SdlAskXZBQo9pWEet11qms0Ld9lnpEMsZz6Spk0R5Ynnrmm7zdu9CzdF-G5JpVnnjwTfJkB0x4iYipgsImor6R6XdmehnNnqKYsGorOj3xKEOKmeJR7uAZOavTispsCt6oQqdYhkigNUdAnEQ991EjWkeEBpKNY-F2oBft6TTBJ6G29UWptLvddjGeREO47VIw7QGX9TwbPadF5ncP5IhjWlgWNeui56T_MrR99-7X4EnZ2bF7tagg9ypIaXbAurp2SrKC-CTmf3KHcs5vllMtLTvOr0DtXc01Az2ICoepftUqHyDXpg0SVnufjjg1f6YwFuXBAzpeDA3w0L17S_wsOvf6hAks7rkIWX0dpkRTyOk7RbD-D1fDjT0VVFhwOBQZskqJtzTHoWWJCtzwtUlqCExDmkTQlHD-Kv1iSUwTxN90RzHhHwFBYQRMeQwEJQCVE_jB9jqxhU1Ge0utaouoQNJ1NVkiBNEtGpp73DSdvm3fx0d8H6hcV7CuCLK7f8jAyUfxY6RYbaUWSLK8wiZBpyoCIPUZHX76QXfdXMgAH-9_XbOKM_GrAtLz7WHjLZFdqMlvdeIqSHcjYnhgAs9h4HKHMXJEaN_5JXoevE68EKOHg-RMy_PxLuJyEf4yJ8Ip19huChkzJzSOmhZsdS60hWwSDgk_TchWAiAfHm1FrYTgdvlW1mW7R2lu687op165cIU47CwL85l8K2wj5Bk99_YJYO_9pUBxhJTZ2tyfANVF9hhtMFkHogszAuf4IZU_SoVA3qawZtZIUgevHEbDr_OPU2aocvv-dBJajJaGMN_amiN2WuA4vPgXdwtsgIX3VopZKfJow2vqp3hXYE68g9ZhabonUT-Bl1yZYPjTMIpvfjAHb0q3IjRNatWw6ZccDJjJuUEL8opK4SMnVN5Yv9v9RbE-eqaCPRH07TGGmKp1H3W5YVwQOZOapPmEEtC3mLO5730Q9k2i_dGJMXGXMzrsza3Za2oCSVJCTzyTepdiXZJwZmE2-OuXlQ1hQeVTnZN9-K2P6N69D64x1ivFoTV35OM852TVtTXMr2mQS-VH55caLl46ZUussO2iCWMhZiqloc2z12IcBukorkSEoouugB9okslvZcbf4u6OOYfGBCb5YlxYFIpaG5yjt1mSIk8TNQo6vIN28GFfg_dMwONbN82dJhtepU50wf0JAL6PtwKQvJogoAG9VGZznNmmsXXyWYhOEwQJDL0lbIdYFhJzdlNPaARK6OtiNwKiA46WuNhTkZ_AJVCDev3pWDVA0Kahl5Bo0T-jhBxfrzhl2H5lEZ7RUENKbKL-WallUoCbbVTVzjQSAHUyZJy-Ips5Azb3UOc7P7r9vHl4FUS0NP9mrY9-QSwNa_xvU1cUv5EjUSNdpIXOhOxGbBOj1WKB6-WHx-Zt24YFg4YPrbq1P3qr4i4zL1gvt5q_b9lcrRWYHJ42RK1jlmNmK21zJxz8PD699nWg3QBcEBPO_qfxeRDR196ykyKyJ43O2WpyhMVfdHA1d_s259SrBWcjYsRusF0kWjbZd1gca0OVsn8rBVn1yVvpRVjEtQzIsrUszTE52EGG989sv4B9QtW9ZNItLzcNFoazjd97DDyWxarZ4w5RFx69ge_cPCE_IN_xEMd495TAeCU6yqHHRvHiwnXaUyKr2aoiZATnq19W9xT6S5bFxJwXZYDryl1-erGjQ3D1xUhREcNAR4bgV1dpOItgj9xTjV33xHXwh0SPCcm4K8NXBPmK2CUQ7tWB5cCiEZifUiie-TmdyZKs00DIm1J4rzBJmEzGtWFlwev1nBckxUSh_MT5PJh9VmxF9Z0CNzqKgbIfAP0gnRHnkYlh0Vpy6Mwdi3x0WEBbdPUlT1naqhrksIedSK6CdsWl5z6FMAwJl-pmKEcH54QYmabh3DFGDKJfQBgL-oZwVb_uFSQ_3anPJmRtULe-tImEEFpKAVenuZS1N888gW3Vi-49mhwu5JlT_cnfPW3S4vha_RMgfGa07SzA21hcrko-MWg8gD3w1RtL9-l5hAIlZfzags68YCVaVNTFxVp4Nl1suMqbnhni49BUwtHxoBsuA8ZflSv3bcbO0cPRKwoEqqGTk81849sO3O78L5YkUmPL7qFm0CJVqzA3n_8tVceoELR7UawzbSrHN-AVSgHiuqbXB40-fRuIJN0aaSqI5Vl4wWKUossiSFtVd61rWvItrLY8XPs8X8lSa-EsMPKoJq2JEpJW5w3wDZc8yno4mYCuz3oJ4396EAJBst8LceU5NciFDj25kApadW0n6Ow0DvSc5NM2lqn6YUQmE1fR1WSFQy0NCweqsilOa_6uqmj0d1ncXmvfxERH0Jj1DvzKn6WW2jz845IEJ2_w8sHukEI9hUixiaZ3ZZO6CfuaxGwk_jUyfheMgXDejQCoN4jxDLiZq2zib9kPxId4eNnC06FcKwbL9doLJBF2shuOpwz7kFSGOAHHSG1xigk1rhXEBpGMx0Wz33pI9gZj0hqbXdVxSVLkqVa8toADtr7LLAQHg65npA_JXm9nXhKsBtdW0xB_nvE8ERHy1Kja0fJjmyECdd_ihz301PlHF3FGXtLGfLei5o_LKiGPdMmaQupdEl_dNl2TOBRdimxyn75U2xmdguB5SJdtWmK-zQfmdanbwPwv86KOGfX90qpH1SKLM59nB_FcKDm5LxSZglcpTl6wkr4pWKbGQZUprwaWM2Td7iZ8O2qQ26-A5qv8jLqvNoqIxnCBQD77C6OM2e2zhqXK7DfC_l9sMdygaeFcw1MGZOrll94ErC5U25UE1xKKylyRBpXgp9h3VgHbuYLnUFGLVkAwH1gzHzhBDuEzxR2XUqmAQcyeRKFjFteHgIxqcFyxbapJxIKQC0dRRT6M284rMrEH5A&cid=CAQSPAAvHhf_XdMImSvW19V0neQGkdZe5TyBtkaOSuRc1MmIOt9v5MGaQQuJMXJnp8DEO1un6mJ1nXJNnz7BbBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ds=l&xdt=1&iif=1&cor=13048869193960319000&adk=1964084971&idt=85&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3feb772d2607cc88c3a2314adf1e289b3136db119984defc8d5fa3a30998ffed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41913
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/987057/61527014/ Frame 57A7 256 KB
77 KB 201ms
66ms Script
application/javascript 52.209.40.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/987057/61527014/skeleton.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-0840729773249552&ias_chanId=1&ias_placementId=20343401411&bidurl=https://www.xn--12c4cbf7aots1ayx.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hzS39ImhvlKGl4G2i1OVwq
Requested by: Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.40.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-40-41.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: fb0d84500d849cff357a25427727ea7479b798793fcc61d6d99126ffc5c58c0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 57A7 111 KB
39 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 06:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 06:30:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 57A7 11 KB
4 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHnIcrIwOiMJIEbxesE74XbZ0RnTGJ6MUC6Idtq8UOucvn8BO5klg1Hyk5wBsAaphHQGM9OodhGQJxDAEDhT8y9XpNfYp6Snnaud903IMNzVGeqj3yQgZ5ZjE642zdZp_YUf6NwgtuWiPRsp68DxGxlDDoMWUIX-nVjiT1QRsvX3tPgx8&dbm_d=AKAmf-Ch6WZPItFbNq87oWT9YOcmDEADSJ6Z8qrIrppl2lSTebjy1EAbfwzkew5j77oXvXybOQq6iVAfQW1xng7-k6SYfzPkJ5G7ICvfQIFjbsJk-gc2Z16-nvyDnTNau0vpjGUieBoqB5angiav3ok3HA-CEvlcoK9CGlc1uMtZXy8iAC1RGcjeuyg3GDt61hRy03dNjUlUlGcoyb0WBRfAaOGx2_ngy9Lf6x84i2lufYZuht_sPTCbXrZ2su1yOx2vxaWcqy9o8vQPJhNmpXiXROaIwEs8TK2w-XuX_D64IY5TSZsXhOkk-R7_Z77Mrac80XQEeIhYCZkq_JjCdVeOa84pBVwHzlsRQY_YbYNB1FATAY55TDQPL69k4doVfGOfH2L9fNn_uGQbbml3ZLa8w8sxc2w6X32Tos4Vi32k3AvprxTJmmsu49TzjVkjwPCF_t3tHpTCk0SeRbLaaz6y_CQade9VOHPiv0A6vTdbKaup4qh-Nyjv8L5-zDAqUKuWLLlnYUKpi-ruf7wZBhDzQgs8bZY4HFyx0ln5KDRUDm_XkJ__mVJBK_oHxhGIjhk6-J7P8aC2gh6doaPIx7PxuE7UmKcZDIArzXLSIKe_EiDZR7FKcA-A-bmZoSCjBeiFZrys6uyXWGMxe9ZJAcXjMxV4i5Xn9vh_Dh-m73yNed9ZxYbWYbUeXBweNi3-Z5ZgaBlzP9PwQem4lbpJuY7Gv9L_6sfh-V0zHaYzkek63z-pBs9JM_YqfG-FmLlgDCDmK_5Ey0OiSh5iMwOt_7NQ2iJHZWxqvfzl2GNOcMobdc3a6KcSw1xd8YZV6UlbFJwIyflQPZbiWPVO_fq26x94gRnOlDLCnCPteKsuReFdTImxzTegYwWKiX1TdsBEgph-xFUtc1Hg28N6T_FG04qlP_ps61LqADJRm3wzHicINOotqiR1SNkCWEPEya6FfjwY_z1DkeRlXhcmSgfEbWvL9jXMviZM3aeMgnj9K5vzjf-sUQDLhlMfJCjCWaf-WVEBdzrU5ariyWldCoi-xZJGxznxFgweK_A1qzM3K-hnH_FpuetuZJrwrtLXfwpc0HgJ9q5Um0MA4Rc4nYoTgCAxN7aI3Hje13u9o-ekPsqo2fBHAq-zsSpIUVtjbgekpFcpq_TUvNvYYg3efeZPk3B95QDoysE8SGPz09WIDNbtWlKgr7L1bzqezSQWF9W3PME5STKvtYuXzD7d5Q080gljx-umM7ENplZ4yXtwqJSglMT0qkbQ2OW2O9OppbLbcEuOUrLxRAPbGBqZqmy1SaC8Seo08VgWjDWAhOkSmH59A_RsAe84VL2PcMUQPfL_xE9BQ_1s_DUeGxD88wCA_OdoPiVrYYQZQXu8pguYhgF7OgIgBW5ulADEqf6eRBhHOoQft5LxhyDySVvVSIX5ISeobjICZvDATIgZ2ND8KtRieoWl-Q2Jw7wqh_fbzL2VwFPKmiElitBnL8Lh3swlV3Yxu_5ZvR06tt4u4_VuHJla3N9TB2f4xOz6x9BKDb_P2h8gHT6mR6SdlAskXZBQo9pWEet11qms0Ld9lnpEMsZz6Spk0R5Ynnrmm7zdu9CzdF-G5JpVnnjwTfJkB0x4iYipgsImor6R6XdmehnNnqKYsGorOj3xKEOKmeJR7uAZOavTispsCt6oQqdYhkigNUdAnEQ991EjWkeEBpKNY-F2oBft6TTBJ6G29UWptLvddjGeREO47VIw7QGX9TwbPadF5ncP5IhjWlgWNeui56T_MrR99-7X4EnZ2bF7tagg9ypIaXbAurp2SrKC-CTmf3KHcs5vllMtLTvOr0DtXc01Az2ICoepftUqHyDXpg0SVnufjjg1f6YwFuXBAzpeDA3w0L17S_wsOvf6hAks7rkIWX0dpkRTyOk7RbD-D1fDjT0VVFhwOBQZskqJtzTHoWWJCtzwtUlqCExDmkTQlHD-Kv1iSUwTxN90RzHhHwFBYQRMeQwEJQCVE_jB9jqxhU1Ge0utaouoQNJ1NVkiBNEtGpp73DSdvm3fx0d8H6hcV7CuCLK7f8jAyUfxY6RYbaUWSLK8wiZBpyoCIPUZHX76QXfdXMgAH-9_XbOKM_GrAtLz7WHjLZFdqMlvdeIqSHcjYnhgAs9h4HKHMXJEaN_5JXoevE68EKOHg-RMy_PxLuJyEf4yJ8Ip19huChkzJzSOmhZsdS60hWwSDgk_TchWAiAfHm1FrYTgdvlW1mW7R2lu687op165cIU47CwL85l8K2wj5Bk99_YJYO_9pUBxhJTZ2tyfANVF9hhtMFkHogszAuf4IZU_SoVA3qawZtZIUgevHEbDr_OPU2aocvv-dBJajJaGMN_amiN2WuA4vPgXdwtsgIX3VopZKfJow2vqp3hXYE68g9ZhabonUT-Bl1yZYPjTMIpvfjAHb0q3IjRNatWw6ZccDJjJuUEL8opK4SMnVN5Yv9v9RbE-eqaCPRH07TGGmKp1H3W5YVwQOZOapPmEEtC3mLO5730Q9k2i_dGJMXGXMzrsza3Za2oCSVJCTzyTepdiXZJwZmE2-OuXlQ1hQeVTnZN9-K2P6N69D64x1ivFoTV35OM852TVtTXMr2mQS-VH55caLl46ZUussO2iCWMhZiqloc2z12IcBukorkSEoouugB9okslvZcbf4u6OOYfGBCb5YlxYFIpaG5yjt1mSIk8TNQo6vIN28GFfg_dMwONbN82dJhtepU50wf0JAL6PtwKQvJogoAG9VGZznNmmsXXyWYhOEwQJDL0lbIdYFhJzdlNPaARK6OtiNwKiA46WuNhTkZ_AJVCDev3pWDVA0Kahl5Bo0T-jhBxfrzhl2H5lEZ7RUENKbKL-WallUoCbbVTVzjQSAHUyZJy-Ips5Azb3UOc7P7r9vHl4FUS0NP9mrY9-QSwNa_xvU1cUv5EjUSNdpIXOhOxGbBOj1WKB6-WHx-Zt24YFg4YPrbq1P3qr4i4zL1gvt5q_b9lcrRWYHJ42RK1jlmNmK21zJxz8PD699nWg3QBcEBPO_qfxeRDR196ykyKyJ43O2WpyhMVfdHA1d_s259SrBWcjYsRusF0kWjbZd1gca0OVsn8rBVn1yVvpRVjEtQzIsrUszTE52EGG989sv4B9QtW9ZNItLzcNFoazjd97DDyWxarZ4w5RFx69ge_cPCE_IN_xEMd495TAeCU6yqHHRvHiwnXaUyKr2aoiZATnq19W9xT6S5bFxJwXZYDryl1-erGjQ3D1xUhREcNAR4bgV1dpOItgj9xTjV33xHXwh0SPCcm4K8NXBPmK2CUQ7tWB5cCiEZifUiie-TmdyZKs00DIm1J4rzBJmEzGtWFlwev1nBckxUSh_MT5PJh9VmxF9Z0CNzqKgbIfAP0gnRHnkYlh0Vpy6Mwdi3x0WEBbdPUlT1naqhrksIedSK6CdsWl5z6FMAwJl-pmKEcH54QYmabh3DFGDKJfQBgL-oZwVb_uFSQ_3anPJmRtULe-tImEEFpKAVenuZS1N888gW3Vi-49mhwu5JlT_cnfPW3S4vha_RMgfGa07SzA21hcrko-MWg8gD3w1RtL9-l5hAIlZfzags68YCVaVNTFxVp4Nl1suMqbnhni49BUwtHxoBsuA8ZflSv3bcbO0cPRKwoEqqGTk81849sO3O78L5YkUmPL7qFm0CJVqzA3n_8tVceoELR7UawzbSrHN-AVSgHiuqbXB40-fRuIJN0aaSqI5Vl4wWKUossiSFtVd61rWvItrLY8XPs8X8lSa-EsMPKoJq2JEpJW5w3wDZc8yno4mYCuz3oJ4396EAJBst8LceU5NciFDj25kApadW0n6Ow0DvSc5NM2lqn6YUQmE1fR1WSFQy0NCweqsilOa_6uqmj0d1ncXmvfxERH0Jj1DvzKn6WW2jz845IEJ2_w8sHukEI9hUixiaZ3ZZO6CfuaxGwk_jUyfheMgXDejQCoN4jxDLiZq2zib9kPxId4eNnC06FcKwbL9doLJBF2shuOpwz7kFSGOAHHSG1xigk1rhXEBpGMx0Wz33pI9gZj0hqbXdVxSVLkqVa8toADtr7LLAQHg65npA_JXm9nXhKsBtdW0xB_nvE8ERHy1Kja0fJjmyECdd_ihz301PlHF3FGXtLGfLei5o_LKiGPdMmaQupdEl_dNl2TOBRdimxyn75U2xmdguB5SJdtWmK-zQfmdanbwPwv86KOGfX90qpH1SKLM59nB_FcKDm5LxSZglcpTl6wkr4pWKbGQZUprwaWM2Td7iZ8O2qQ26-A5qv8jLqvNoqIxnCBQD77C6OM2e2zhqXK7DfC_l9sMdygaeFcw1MGZOrll94ErC5U25UE1xKKylyRBpXgp9h3VgHbuYLnUFGLVkAwH1gzHzhBDuEzxR2XUqmAQcyeRKFjFteHgIxqcFyxbapJxIKQC0dRRT6M284rMrEH5A&cid=CAQSPAAvHhf_XdMImSvW19V0neQGkdZe5TyBtkaOSuRc1MmIOt9v5MGaQQuJMXJnp8DEO1un6mJ1nXJNnz7BbBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ds=l&xdt=1&iif=1&cor=13048869193960319000&adk=1964084971&idt=85&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 01:57:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 01:57:58 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 57A7 31 KB
12 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Jan 2024 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 57A7 41 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 550438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 13:49:16 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7A8D 1 KB
644 B 30ms
30ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Tue, 26 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 57A7 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc5d7eb740f68d2aea3eada42ab335fc93ce2d6600a3734a6baf70071680a450

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1EEE 38 KB
13 KB 30ms
30ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 548555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 14:20:39 GMT
expires: Wed, 18 Dec 2024 14:20:39 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 7A8D
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBSgi_sHZK9v95wtslJj5DY&google_cver=1&google_push=AXcoOmSjCKIF676bq5EcYsJBa3pug5ztI3vUEbx6Kgwl4oOMe13dF-FY-Zft280GXkXYEyG9MaujzPcbK6W8K_7jDXEujhQ2bN2ao...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBSgi_sHZK9v95wtslJj5DY&google_cver=1&google_push=AXcoOmSjCKIF676bq5EcYsJBa3pug5ztI3vUEbx6Kgwl4oOMe13dF-FY-Zft280GXkXYEyG9MaujzPcbK6W8K_7jDXEujhQ2bN2...

43 B
422 B

344ms
336ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBSgi_sHZK9v95wtslJj5DY&google_cver=1&google_push=AXcoOmSjCKIF676bq5EcYsJBa3pug5ztI3vUEbx6Kgwl4oOMe13dF-FY-Zft280GXkXYEyG9MaujzPcbK6W8K_7jDXEujhQ2bN2aom4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSjCKIF676bq5EcYsJBa3pug5ztI3vUEbx6Kgwl4oOMe13dF-FY-Zft280GXkXYEyG9MaujzPcbK6W8K_7jDXEujhQ2bN2aom4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83b49a0fb9f5697b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 388
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBSgi_sHZK9v95wtslJj5DY&google_cver=1&google_push=AXcoOmSjCKIF676bq5EcYsJBa3pug5ztI3vUEbx6Kgwl4oOMe13dF-FY-Zft280GXkXYEyG9MaujzPcbK6W8K_7jDXEujhQ2bN2aom4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSjCKIF676bq5EcYsJBa3pug5ztI3vUEbx6Kgwl4oOMe13dF-FY-Zft280GXkXYEyG9MaujzPcbK6W8K_7jDXEujhQ2bN2aom4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 83b49a0e38b6697b-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 7A8D 70 B
149 B 199ms
63ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE3zpqYQVw75c6fHl3YlbPE&google_cver=1&google_push=AXcoOmSFnb-UJ9T4k9b9v4FvrRcbo-oBoKvra441dUrt5sPAc4BIg0MyCzPBfKq5ybd1dXeHQ6jrPbhnyTEqvSDtXoTeTB4QYjzvxcBn
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:14 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A8D
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESENQHO1gnkdGs9TAR4lcohpk&google_cver=1&google_push=AXcoOmSfZZujaLaIixghkHn_tFzBU0GLeGfFlJvMOxDY4f523xucvtltn2jx3cIups1NtvJ_3qAXafM...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSfZZujaLaIixghkHn_tFzBU0GLeGfFlJvMOxDY4f523xucvtltn2jx3cIups1NtvJ_3qAXafMxjGFTydiXHQVS8xf-pSYFWStw&google_hm=6C6WPShyQmyl5...

170 B
188 B

51ms
47ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSfZZujaLaIixghkHn_tFzBU0GLeGfFlJvMOxDY4f523xucvtltn2jx3cIups1NtvJ_3qAXafMxjGFTydiXHQVS8xf-pSYFWStw&google_hm=6C6WPShyQmyl55VFNO6W4oM

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmSfZZujaLaIixghkHn_tFzBU0GLeGfFlJvMOxDY4f523xucvtltn2jx3cIups1NtvJ_3qAXafMxjGFTydiXHQVS8xf-pSYFWStw&google_hm=6C6WPShyQmyl55VFNO6W4oM
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 7A8D 0
173 B 140ms
46ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJ6wgptmBnzp7w4m4mi9A9o&google_cver=1&google_push=AXcoOmQQtzS5KA4jgLkWI690ZVNU0RPy4LcYSSLrCK_RXFB1k8OLYxrRnX7TpxQu-nrP9oKo3vAeEU0OvNKVBQhgT-k4dHiGZthsKik
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:14 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A8D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPl9he1c4MIG2cw9XH-dTnA&google_cver=1&google_push=AXcoOmSt1AutO9jq6Kt_l63BIxDTBts3WJM3OxjtdxVfKB68a1316Nq0zsRJjwx0QNw_P-5upWHdyQ2MbuWaiQ0ZiriqCs-...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSt1AutO9jq6Kt_l63BIxDTBts3WJM3OxjtdxVfKB68a1316Nq0zsRJjwx0QNw_P-5upWHdyQ2MbuWaiQ0ZiriqCs-fb3bgpIol&google_hm=eS0xWWxaTEV0RTJwRW...

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSt1AutO9jq6Kt_l63BIxDTBts3WJM3OxjtdxVfKB68a1316Nq0zsRJjwx0QNw_P-5upWHdyQ2MbuWaiQ0ZiriqCs-fb3bgpIol&google_hm=eS0xWWxaTEV0RTJwRW9yakFoQ20xeFlIZk05cDZ5dW9kan5B

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 25 Dec 2023 22:43:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSt1AutO9jq6Kt_l63BIxDTBts3WJM3OxjtdxVfKB68a1316Nq0zsRJjwx0QNw_P-5upWHdyQ2MbuWaiQ0ZiriqCs-fb3bgpIol&google_hm=eS0xWWxaTEV0RTJwRW9yakFoQ20xeFlIZk05cDZ5dW9kan5B
content-length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 7A8D 43 B
146 B 161ms
39ms Image
image/gif 18.197.41.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEJbgM92vuz3E14ZdnwSELp8&google_cver=1&google_push=AXcoOmQR85X6wisQhfdBtXRhQMZwp_utXIZpbJOIHZRiP_MLSsMD3uz3uzJ0lFm2m98EmnX-yLFMIjH24z0F4qBE_AIUOJl55LeeQL8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.41.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-41-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:14 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A8D
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECqlMxf-yoOiJLKiyJVVgSg&google_cver=1&google_push=AXcoOmSbTBGzTxXkRJgBy1V32WjGVoTjddzYAtPkf5JwDRWPZ4aFXtHKdxpvWgwbgO5KfO_DzPaidmXE...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECqlMxf-yoOiJLKiyJVVgSg&google_cver=1&google_push=AXcoOmSbTBGzTxXkRJgBy1V32WjGVoTjddzYAtPkf5JwDRWPZ4aFXtHKdxpvWgwbgO5KfO_DzPa...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA5Nzc4MzQ3ODk0MjczODg4&google_push=AXcoOmSbTBGzTxXkRJgBy1V32WjGVoTjddzYAtPkf5JwDRWPZ4aFXtHKdxpvWgwbgO5KfO_DzPaidmXE...

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA5Nzc4MzQ3ODk0MjczODg4&google_push=AXcoOmSbTBGzTxXkRJgBy1V32WjGVoTjddzYAtPkf5JwDRWPZ4aFXtHKdxpvWgwbgO5KfO_DzPaidmXE0PEwW_xtFWY-8vn5oJMGNTeP

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzA5Nzc4MzQ3ODk0MjczODg4&google_push=AXcoOmSbTBGzTxXkRJgBy1V32WjGVoTjddzYAtPkf5JwDRWPZ4aFXtHKdxpvWgwbgO5KfO_DzPaidmXE0PEwW_xtFWY-8vn5oJMGNTeP
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7A8D 0
12 B 46ms
45ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KSW6YMrZ2YyFr9TIP0yKPPznEaOTtPgSggeUsFq7M5CSiMmswedc7du_QQApdbrdysDB4m

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15541521504290386506/ Frame 138F 144 KB
23 KB 32ms
31ms Document
text/html 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15541521504290386506/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad77437eca0516a573c0ea468ad25eaa732e2008924d763ea6217fb12860abd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 31915
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 23124
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 13:51:19 GMT
expires: Tue, 24 Dec 2024 13:51:19 GMT
last-modified: Thu, 24 Feb 2022 10:20:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 57A7 0
0 173ms
82ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqAmR8jDNl7lgdyhB4RNq5DD5YU0oFwux4wHvlXAkVPeLW-xYE-XA9XwxFtOF3bSOeT3YP6eO3P-Jcl3b-QtCtGDKcc3O5VdKj94ijBRMzU2vyztIwxetiAn4z3nCUvF7Feu9NHcBv7gLbkK0nkNicDqhuXUlsRoEgCuOAktvWGupQdTyR55yU-pBWt2E6-DlEz9GqUSCOtz0Ci5au9yTMleECTnse91uIqgn-fOe5GRyIzoarsShZbaj4Yiinpi8ZocxewMRHnampLjIFZzkXRmupo1VI3AUpsE_uBAdbI4kop7gaWlMdkkj2hKBf5XcyYa6SiGn3ZlPD0AzL70rN8Vrj2oIZpD-3g2J2Uqb30r1q04y1ZUfN70q0VlWnWVVeKBmQWS8lY912bVDhpp9lodHoc10sVYnB1k__ZVBvvnL-qV7IAK4MRsrb79L-QBGO1kaWECLiTtN1wRqWJgai-_BcLxsbMr_vg1t67h6xMKDxLi1BcvVqSMLrYL6kpqkCtH-m-AksnTV7VwCxJey0-tIg0ETrZ8n3o2QU2aeQPFAkyV6nbo0BZUSJmCgodqKnWF2xIYpPGUP2KrhDgfKzTNvXdA_E-6uDEM5zUzWQqBcHFoj7s4w5xcqmHjfRSwJWsHVqGyMjbwsrHOaAWLsqpW0ylUTkO7vaUZ4aNvoq6IpS7IksASKCW3VrYUZ2AMj1KOn8JdIaaWiUge0hDwg08gD9gaRfbbH3qpfozuxRSJWA_VgsUSn2eFfCByH3c_3VHC0dwW_COP6ml5f7nny5cfKnqqfIy71gKUaPRKsYn8E77xZTLn-e13IN1ptKVgZNCeOTwNsgpL7e3LF2zn0Z2E7d9Cy9ugF5aIIEbaCT-MIA3zlND-j8vIQimWfJSu5b9EJaJAtaD3zcnI2LXRbN3BIDOiyed3CGa8VOM73PQVdAGaGh4dfElp581x_Pq5x9j-gvXZKbSJjhnAovooFGssgV631bUPkROToKU7kdwMClWdUtKjMOZgioagWhrHwGRTtSOEEd6Dc_mpUc3cimn8FzZAlDawnSyZfd1v2mbWizfC-tfGSsABNwO073Tdz9NX-bfsjTKAxBD-qOGDDzciF8tLdxlV5Spaez6WXHXlBk0elxPuY5I9uJAbkr_9YJ7XP9WkQQyg38XaP1Z7XLkfQVfou3B4B6V_zytWDLbAqbUXu_3YxIEOtyNXoSSZIS1vlGDmrX8VarK6f816GFQ9OUxOwAb9Fszr1q9v82w-konHSufoPVBUEhgtKBWwxEfYaVVTHxQGPvlyR4Nv7nP3gGkNHyjtHAS5E-hGyf0LOblptgQrLPIClfY31TZJRCmjSqDycsiw4v-U1GzSaaFxzz4b2A4uGINzge3gftGOyUzey9KZfTldPrdsn2HjimdOW8cn1zdHWUwALCXXS6MSEamb8a5jUk0BizLC39a_KF4evoDaU&sai=AMfl-YTKlG3rRfa1dv9Hq1U_oQOvsojNcR7F_FrKt_dT0fNsv66jEbiQVPPo-4puSQPSxa5GR43dUQBOHW6qgSLZJi-CcFlCqeQWXy6UvaPc43oGwS6Za4Vrwx0D3Ipv64cCsdRx29y4zkL1s1e7SbkezaFZyEB2k0CPq_2BJ3YGUlCIfdV0nTeAxvmqABK5SMCUPk7V3qMgWfMEEipGl2O5i74mv3CrT5l3kHDpq_ihVWRVZ9geesVsefoYkzw5MDf9D3DAxVxYTSHpQMFxGnlOKM7di4Rkqcw&sig=Cg0ArKJSzBaHwwR6K1e7EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=53&cbvp=1&cstd=52&cisv=r20231207.96032&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 25 Dec 2023 22:43:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1EEE 39 KB
15 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 138F 29 KB
10 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15541521504290386506/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15541521504290386506/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 09:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 09:03:32 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 57A7 0
0 91ms
75ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqAmR8jDNl7lgdyhB4RNq5DD5YU0oFwux4wHvlXAkVPeLW-xYE-XA9XwxFtOF3bSOeT3YP6eO3P-Jcl3b-QtCtGDKcc3O5VdKj94ijBRMzU2vyztIwxetiAn4z3nCUvF7Feu9NHcBv7gLbkK0nkNicDqhuXUlsRoEgCuOAktvWGupQdTyR55yU-pBWt2E6-DlEz9GqUSCOtz0Ci5au9yTMleECTnse91uIqgn-fOe5GRyIzoarsShZbaj4Yiinpi8ZocxewMRHnampLjIFZzkXRmupo1VI3AUpsE_uBAdbI4kop7gaWlMdkkj2hKBf5XcyYa6SiGn3ZlPD0AzL70rN8Vrj2oIZpD-3g2J2Uqb30r1q04y1ZUfN70q0VlWnWVVeKBmQWS8lY912bVDhpp9lodHoc10sVYnB1k__ZVBvvnL-qV7IAK4MRsrb79L-QBGO1kaWECLiTtN1wRqWJgai-_BcLxsbMr_vg1t67h6xMKDxLi1BcvVqSMLrYL6kpqkCtH-m-AksnTV7VwCxJey0-tIg0ETrZ8n3o2QU2aeQPFAkyV6nbo0BZUSJmCgodqKnWF2xIYpPGUP2KrhDgfKzTNvXdA_E-6uDEM5zUzWQqBcHFoj7s4w5xcqmHjfRSwJWsHVqGyMjbwsrHOaAWLsqpW0ylUTkO7vaUZ4aNvoq6IpS7IksASKCW3VrYUZ2AMj1KOn8JdIaaWiUge0hDwg08gD9gaRfbbH3qpfozuxRSJWA_VgsUSn2eFfCByH3c_3VHC0dwW_COP6ml5f7nny5cfKnqqfIy71gKUaPRKsYn8E77xZTLn-e13IN1ptKVgZNCeOTwNsgpL7e3LF2zn0Z2E7d9Cy9ugF5aIIEbaCT-MIA3zlND-j8vIQimWfJSu5b9EJaJAtaD3zcnI2LXRbN3BIDOiyed3CGa8VOM73PQVdAGaGh4dfElp581x_Pq5x9j-gvXZKbSJjhnAovooFGssgV631bUPkROToKU7kdwMClWdUtKjMOZgioagWhrHwGRTtSOEEd6Dc_mpUc3cimn8FzZAlDawnSyZfd1v2mbWizfC-tfGSsABNwO073Tdz9NX-bfsjTKAxBD-qOGDDzciF8tLdxlV5Spaez6WXHXlBk0elxPuY5I9uJAbkr_9YJ7XP9WkQQyg38XaP1Z7XLkfQVfou3B4B6V_zytWDLbAqbUXu_3YxIEOtyNXoSSZIS1vlGDmrX8VarK6f816GFQ9OUxOwAb9Fszr1q9v82w-konHSufoPVBUEhgtKBWwxEfYaVVTHxQGPvlyR4Nv7nP3gGkNHyjtHAS5E-hGyf0LOblptgQrLPIClfY31TZJRCmjSqDycsiw4v-U1GzSaaFxzz4b2A4uGINzge3gftGOyUzey9KZfTldPrdsn2HjimdOW8cn1zdHWUwALCXXS6MSEamb8a5jUk0BizLC39a_KF4evoDaU&sai=AMfl-YTKlG3rRfa1dv9Hq1U_oQOvsojNcR7F_FrKt_dT0fNsv66jEbiQVPPo-4puSQPSxa5GR43dUQBOHW6qgSLZJi-CcFlCqeQWXy6UvaPc43oGwS6Za4Vrwx0D3Ipv64cCsdRx29y4zkL1s1e7SbkezaFZyEB2k0CPq_2BJ3YGUlCIfdV0nTeAxvmqABK5SMCUPk7V3qMgWfMEEipGl2O5i74mv3CrT5l3kHDpq_ihVWRVZ9geesVsefoYkzw5MDf9D3DAxVxYTSHpQMFxGnlOKM7di4Rkqcw&sig=Cg0ArKJSzBaHwwR6K1e7EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=128&vt=11&dtpt=75&dett=3&cstd=52&cisv=r20231207.96032&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 138F 2 KB
1 KB 36ms
35ms Image
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15541521504290386506/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:36:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Dec 2023 22:51:12 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 138F 3 KB
1 KB 34ms
33ms Image
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15541521504290386506/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:30:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Dec 2023 22:45:35 GMT

GET
H3 200 head2_3line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 138F 12 KB
3 KB 41ms
40ms Image
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_3line_family.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

779560b566f055003c68dd89d16a1411bd308db8bcfbc6acfa37ee6f3292988e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15541521504290386506/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3390
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Dec 2023 22:57:59 GMT

GET
H3 200 head1_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 138F 7 KB
2 KB 39ms
38ms Image
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_2line_family.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a4ce4cc9de9b9337c9591716670e26c1ee79f11a5ff24a0476cecfb23d0604a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15541521504290386506/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 619
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2220
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 09:12:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Dec 2023 22:47:55 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 138F 6 KB
2 KB 39ms
39ms Image
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15541521504290386506/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:29:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 797
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Dec 2023 22:44:57 GMT

GET
H3 200 300x600_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 138F 38 KB
38 KB 37ms
36ms Image
image/jpeg 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/300x600_kv_family.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6de3574f4030ad25ad1374004dba3c1b46323c38524b730d8bcdb4697026ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15541521504290386506/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:39:33 GMT
x-content-type-options: nosniff
age: 221
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38994
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 09:52:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Dec 2023 22:54:33 GMT

GET
DATA 200
OK truncated
/ Frame C4A8 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1cfecac22ab03d2b82e23c62a3e7ee08d1280190e360f18dfefe7ee2f7e770b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 32834824_20210909153323200_new-in-stock-angles-de.svg
s0.2mdn.net/ads/richmedia/studio/32834824/ Frame C30A 2 KB
890 B 33ms
32ms Image
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/32834824/32834824_20210909153323200_new-in-stock-angles-de.svg

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41947949348419f17c54bc7c518befd832ad2c98ccf0f23157ae94b2a97ad78a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 19:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 854
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 14:25:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 19:08:22 GMT

GET
H3 200 Microchip.png_1695994647865_Microchip.png
s0.2mdn.net/dynamic/2/10863983/www.mouser.com/images/suppliers/logos/ Frame C30A 4 KB
4 KB 35ms
34ms Image
image/png 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10863983/www.mouser.com/images/suppliers/logos/Microchip.png_1695994647865_Microchip.png

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88b480c159531651a2d6e8cd9e1f9a5615265d5d8ad00d5c3cf874b565c85077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:31:08 GMT
x-content-type-options: nosniff
age: 375126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4007
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 13:37:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 14:31:08 GMT

GET
H3 200 148287284.png-v=081523.0943_1695994647865_148287284.png
s0.2mdn.net/dynamic/2/10863983/eu.mouser.com/images/marketingid/2023/img/ Frame C30A 126 KB
126 KB 33ms
32ms Image
image/png 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10863983/eu.mouser.com/images/marketingid/2023/img/148287284.png-v=081523.0943_1695994647865_148287284.png

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7de86652306d72730566bc077d25422471013eb01dd784a6187a78552674683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 14:30:28 GMT
x-content-type-options: nosniff
age: 29566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128642
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 13:37:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 14:30:28 GMT

GET
H3 200 32834824_20210413154904536_industrial-160x600.jpg
s0.2mdn.net/ads/richmedia/studio/32834824/ Frame C30A 43 KB
43 KB 36ms
34ms Image
image/jpeg 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/32834824/32834824_20210413154904536_industrial-160x600.jpg

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

259f7b6c8678f4150acb1ac51e33947595c7c6ca3b8bf85568e1b7d966fe307b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 20:07:47 GMT
x-content-type-options: nosniff
age: 9327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44353
x-xss-protection: 0
last-modified: Tue, 13 Apr 2021 22:49:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 20:07:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EEE 0
20 B 67ms
67ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bc6V4ggWKZYL9A-uz9u8P0ZSv8A4AAAAAOAHgBAI&bg=!XV6lXhHNAAY3kmNgF5I7ADQBe5WfOMnUokLKiD3mGwIUE9-MvUmwTY28T6luG-R4MZBN101ozIoeSd3JjgPAd1uWxArgAgAAAFVSAAAAAWgBB5kDJuZxcKXu5GTCcyinv00WHmfAENGBxO3wsQSo_W-cid8GDTzXH_Va4y6AqmpymLq5deugfI_pFyOP8eoBwwxvOW9Ws7N1SD-qkb-szUW5TZi3on1FT5HPzifpZetMBEav5MLumpwdk4Vif0tmZ7MMQCmt1escaeyyaC59-8SQqw2MvLH7ndKq8QU7u1zl-5e9TLlV6DzlfzHZFdMf-zRHQE2fIdaKe4zLv6_51QpcXg4HNyXy91_XfaMGEBY7Ad31Qgp2w-p86wiiFUW4Zp-uuG_U3RK6uBP4iNYAi7_XBxGR79oMmv65dDXKepHyp0HlYxCPCMVcs6yBWG-Kh7gXKKYtiAh2B_tWx6v-WKIuJOuCJSD1AwvIKXLfnWDzhwcUQFHUsI1UEfdWV2jIrpk_VUfA1JM8WaLCRekaxY-FV3KNeDaWXE0LAbFM6jN2IJ1YdrDLhEIvwbheiqjs_LNIPgs6ZtbDMQt3lGTcUjob8rwwNtP5oKjjGQQEPvweVJuGrMj9yfSViFZNls29J02bdXjrYIbbiaLzRV0XhiY4gPQXk165VOOFNi74VYUGITyDIoMONZLOfAfcvSRp9NHayeDkYF-hzs8eCuoKfFZCyAZOnV_bTsCahtwOqu_i7iZw5wP5TgKz5K9mfqrDk9C7XBgo2BEZAQZaun1lnOBVI09OsVdhaDmr5T6nFPggib-HVRNrJdIiqMW2FlxMEX2V4SjC3f3cesJw4GnwNfKU37nKLWVAdK9_ls2J-FlJD6fK0hNrwyc1cn8U4uxKiZWxBwrJz9pY3Y3u1VoKD1Swv4ArMG1-8iON27K8d4xOp3vIW-hz1k7X0eQtePCSQ4bUCC8f-TWMkK5o2R3kEJmAFjMvFbDMBdiFItc9zFYcHBLX2DGs35xnpasBjiMngT0zU1AFld2jJY2w-QMemUqkGkzF2NeXkJiqpsHfgfXrliMRfxd3BtZfOotYLYejNw5go4a7EyI7Gty2XHaLaVg39MCVRHVn-cFA-ExKyeKTV7lgVSa8kkCLtKmEuVyFp07gipZp-HC9w_Xa_rPLT4-FW9L0gvLZCD-w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C30A 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 Microchip.png_1695994647865_Microchip.png
s0.2mdn.net/dynamic/2/10863983/www.mouser.com/images/suppliers/logos/ Frame C30A 4 KB
4 KB 36ms
35ms Image
image/png 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10863983/www.mouser.com/images/suppliers/logos/Microchip.png_1695994647865_Microchip.png

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88b480c159531651a2d6e8cd9e1f9a5615265d5d8ad00d5c3cf874b565c85077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:31:08 GMT
x-content-type-options: nosniff
age: 375126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4007
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 13:37:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 20 Dec 2024 14:31:08 GMT

GET
H3 200 32834824_20210909153323200_new-in-stock-angles-de.svg
s0.2mdn.net/ads/richmedia/studio/32834824/ Frame C30A 2 KB
890 B 37ms
36ms Image
image/svg+xml 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/32834824/32834824_20210909153323200_new-in-stock-angles-de.svg

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41947949348419f17c54bc7c518befd832ad2c98ccf0f23157ae94b2a97ad78a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 19:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 854
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 14:25:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Dec 2023 19:08:22 GMT

GET
H3 200 148287284.png-v=081523.0943_1695994647865_148287284.png
s0.2mdn.net/dynamic/2/10863983/eu.mouser.com/images/marketingid/2023/img/ Frame C30A 126 KB
126 KB 32ms
32ms Image
image/png 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10863983/eu.mouser.com/images/marketingid/2023/img/148287284.png-v=081523.0943_1695994647865_148287284.png

Requested by

Host: www.xn--12c4cbf7aots1ayx.com
URL: https://www.xn--12c4cbf7aots1ayx.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7de86652306d72730566bc077d25422471013eb01dd784a6187a78552674683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10216343982835143903/index.html?e=69&leftOffset=0&topOffset=0&c=Ilrzt20O3G&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 14:30:28 GMT
x-content-type-options: nosniff
age: 29566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128642
x-xss-protection: 0
last-modified: Fri, 29 Sep 2023 13:37:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 14:30:28 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 17C1 42 B
64 B 65ms
65ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQJpK6NvCb5xH3MjEnvLEwIEaNg-ROKvL0jCrKLCdKqN5Vr_o_lmtzbXKMS03oKX0fTj2-jZwqbkwJTOpYu_4nsmRsaISiFGFUtSbGej_xSiQY1f80Fd9Oyx3A3AWM4MljGMl8-0Y4vloUQBiqnROLEjrC&sai=AMfl-YSwtsX-erjAnahFilk1nv8bRFnxeYMmDGggQHOhegImYOpFbVlu0hm8X9BjkPwQIy31bQIZc2lxy499pZsyYoFhWBPc02V5B4ewGkmajn2gmOuNjenyQ93DTy_vBSBgqr8mYP_OAdVt0ecSIPfmeQ&sig=Cg0ArKJSzFxEnB0RcL10EAE&cid=CAQSTwAvHhf_7cINAWWA5iZiKpI-cd4_UIdjOKx-IdyvrAhQHAD4FcAZLNm70jU0p1Jue858NJLYgac4LUkyUvi7BbnwDwXf86Rdq6vVzmK0938YAQ&id=lidar2&mcvt=1000&p=0,0,280,729&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=0.63&if=1&vu=1&app=0&itpl=22&adk=3129314618&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703544192498&rpt=947&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 57A7
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/987057/61527014/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-0840729773249552&ias_chanId=1&ias_placementId=20343401411&bidurl=https://www.xn--12c4cbf7a...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ggWKZYL9A-uz9u8P0ZSv8A4&cbFunctionName=goog_wrapCb_ggWKZYL9A-uz9u8P0ZSv8A4&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

47ms
38ms

Script
application/javascript

2600:9000:243d:ba00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ggWKZYL9A-uz9u8P0ZSv8A4&cbFunctionName=goog_wrapCb_ggWKZYL9A-uz9u8P0ZSv8A4&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Server: 2600:9000:243d:ba00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: vKEhI2DDF7x4y1d6KCleNAEq1uB6J8K1
content-encoding: gzip
via: 1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
date: Wed, 20 Dec 2023 19:38:01 GMT
x-amz-cf-pop: DUS51-P4
age: 443133
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 13 Dec 2023 19:37:39 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: 5ueHEHyaj1c4inX4km0xV3SyH9CLKZ3CpUMBQki7CAhNgb3LnYfl1g==

Redirect headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
server: nginx
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_ggWKZYL9A-uz9u8P0ZSv8A4&cbFunctionName=goog_wrapCb_ggWKZYL9A-uz9u8P0ZSv8A4&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 77A7 91 KB
23 KB 119ms
34ms Script
application/javascript 2600:9000:243d:ba00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:ba00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 11 Jan 2023 08:50:00 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 30117195
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: fbgIJBPINQCaAen6X4CxIKJrT4ApSt-5-VLITV2Ki7COWdObzM6c8A==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 57A7 43 B
216 B 376ms
118ms Image
image/gif 2600:1f18:1aca:4281:c66c:cb3:5c51:6f9b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=997c31bd-5568-7057-4c2f-73cf84ac7a38&tv=%7Bc:xR4t7n,pingTime:-3,time:32,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:32,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B29~0%5D,as:%5B29~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZuFPzL+11%7C12%7C13%7C141%7C15*.987057-61527014%7C151%7C152%7C153%7C154%7C161%7C1711%7C1712%7C17131%7C181,idMap:15*,rmeas:1,rend:0,renddet:na,siq:12%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:c66c:cb3:5c51:6f9b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 57A7 43 B
215 B 376ms
120ms Image
image/gif 2600:1f18:1aca:4281:c66c:cb3:5c51:6f9b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=997c31bd-5568-7057-4c2f-73cf84ac7a38&tv=%7Bc:xR4t7o,pingTime:-6,time:33,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:33,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B29~0%5D,as:%5B29~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZuFPzL+11%7C12%7C13%7C141%7C15*.987057-61527014%7C151%7C152%7C153%7C154%7C161%7C1711%7C1712%7C17131%7C181,idMap:15*,rmeas:1,rend:0,renddet:na,siq:12%7D&tpiLookup=ao:www.xn--12c4cbf7aots1ayx.com*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:c66c:cb3:5c51:6f9b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 57A7 43 B
215 B 372ms
119ms Image
image/gif 2600:1f18:1aca:4281:c66c:cb3:5c51:6f9b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=997c31bd-5568-7057-4c2f-73cf84ac7a38&tv=%7Bc:xR4t7s,pingTime:-2,time:37,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1296,beZ:1297,mfA:1299,cmA:1299,inA:1300,inZ:1302,prA:1302,prZ:1305,si:1308,poA:1309,poZ:1322,cmZ:1322,mfZ:1322,loA:1329,loZ:1331,ltA:1333,ltZ:1333%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:37,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZuFPzL+11%7C12%7C13%7C141%7C15*.987057-61527014%7C151%7C152%7C153%7C154%7C161%7C1711%7C1712%7C17131%7C181,idMap:15*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:12,sinceFw:24,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:c66c:cb3:5c51:6f9b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 944A 42 B
64 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBP5DnfSWb2EigSZUNy9gtJQhi92DkwWewEI_R6R5ahb1nrQU7Yf7_Rgfd5b2_rwnhMnfXV-5LqmyEG6WIf-sWr85hYv-9rNzKa06pibWqxSEnEx7oOytJWQ60z9R66GJdVPlTLbFk59YZqn5FOnh_QaL-&sai=AMfl-YRMlpGFAA4j-bx1LEDDkEQ4bUjicd37sZhOF2q6SPfqBpP6XP-1t8ZB0EspmObkpCLuGVRaE6YWlGg6DaZGJw0_4wvk22bq5GB0Q_H40vDFPBXRUw8Nhfy8bhFRl6lqhvkzK-MQol4g--nbMqhbxA&sig=Cg0ArKJSzMI0AXveho_FEAE&cid=CAQSTwAvHhf_FdBl0rmlo2FM5LOrCmgJH4oR8RFHc56_l7wVC9N0mQmadFHGDC_9cC9bFQxJkEUuAr5BfFl0LJ6U7ivYTEi3rj3t2gCyyhhsCQcYAQ&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703544193321&rpt=241&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FC79 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSAtIR79PwGK4JuI6rFia-qx8hF4FDIM7K1EkQYdxv28CiJmOdBkvlAkb6gMwbW-wuzm8eHKC7CFzg8pGHSgXlYB0THQwjA7Ou2IcP4_OwMhZPZitOHd5SBsflH4H0RYWc6Bqca2Sjuu41-lgEhP6n_-Ap&sai=AMfl-YQtZQpENlsfzqsVo1nLuIuzBfS1jmOMFV49YBGlY7osciP5Neaft-xsGPar0eIZo2YQWJwvBFWq5oAvMy6u_ZVph9Vy1uQ4_ldf1TGKttyINulOG1kks2rszeaJ8Brvy-MdhQSgSAmQ2QPZmDo-sQ&sig=Cg0ArKJSzABbfjJoQvfYEAE&cid=CAQSTwAvHhf_FdBl0rmlo2FM5LOrCmgJH4oR8RFHc56_l7wVC9N0mQmadFHGDC_9cC9bFQxJkEUuAr5BfFl0LJ6U7ivYTEi3rj3t2gCyyhhsCQcYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=104,789,1000,1071,1071&tos=104,685,211,71,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703544193324&rpt=335&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 57A7 43 B
215 B 121ms
120ms Image
image/gif 2600:1f18:1aca:4281:c66c:cb3:5c51:6f9b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=997c31bd-5568-7057-4c2f-73cf84ac7a38&tv=%7Bc:xR4tdN,pingTime:-10,time:430,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703544194907%7C%7C2a31c32b87429eb276590c70e703e00b%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7Ca650d89732ae8d26b767d43faf089ca3%7C%7C3c23a3187e212774ad30bc16e4b41e8d%7C%7Cfa4ab966e89727edd028cadccc903963%7C%7Cf679cba2ed1f14d22a2ede5090b9bbde%7C%7C8d5d423a016a9d4adb0ab135202e728e%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=600&adk=2796972978&adf=1113655316&pi=t.aa~a.1030450696~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1703544193&rafmt=1&to=qs&pwprc=4018023627&format=300x600&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544193178&bpp=1&bdt=2654&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dff57e29d47aff64a%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw&gpic=UID%3D00000d2b21b13218%3AT%3D1703544192%3ART%3D1703544192%3AS%3DALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng&prev_fmts=0x0%2C729x280&nras=2&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1028&ady=1694&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&psts=AOrYGskaCuLj1W_p_ewshIbAoBb1WjeXIaMYD2KESTOK1FI5wTARxKwMsWOBXS9q7JkLyAIZAI4ejLKfSPO_9E64H18-9ysJ&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:c66c:cb3:5c51:6f9b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:14 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 77ms
76ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4fdb9261dfee8c54937ec751b7ce1d472e4656f516ecf8b5f1f0d54818ce795

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12011
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 57A7 43 B
215 B 121ms
121ms Image
image/gif 2600:1f18:1aca:4281:c66c:cb3:5c51:6f9b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=997c31bd-5568-7057-4c2f-73cf84ac7a38&tv=%7Bc:xR4tge,time:581,type:e,im:%7Bpci:%7Btdr:546%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:581,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:12,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B577~0%5D,as:%5B577~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:124,fm:tZuFPzL+11%7C12%7C13%7C141%7C15*.987057-61527014%7C151%7C152%7C153%7C154%7C161%7C1711%7C1712%7C17131%7C181,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:150%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:c66c:cb3:5c51:6f9b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:15 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Dec 2023 22:43:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A83F 13 KB
5 KB 29ms
28ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.xn--12c4cbf7aots1ayx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 79203
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 00:43:12 GMT
expires: Tue, 24 Dec 2024 00:43:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9C97 829 B
1 KB 37ms
37ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

512d5d6572ddb0cc29b384886845203daf705cfc32970485b040650c73934bb7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x8nnfeOKFT_XUxBlBJ9ZiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.xn--12c4cbf7aots1ayx.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-x8nnfeOKFT_XUxBlBJ9ZiA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Dec 2023 22:43:15 GMT
expires: Mon, 25 Dec 2023 22:43:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A83F 39 KB
15 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 10:15:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44873
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 24 Dec 2024 10:15:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9C97 0
0 63ms
62ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4038426443409515&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A83F 0
10 B 29ms
29ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PLrh1g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 22:43:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C4A8 42 B
64 B 66ms
65ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSVQi3JjDQQ-sEFNOEBMmNuvEn3f6TiN0SDnrK8aveI9L359XCVRgIMD166aoiGk9zuX1IQ-ijDgvpxVVci9Q7aJqrSf8icsEe8PYH48RfuU7BA5i124DsSrk2LaUzN8UwTnMAu0D6YzZkgz0iouM-JzBl&sai=AMfl-YQg7TmxB1kSZ79a4egF3JRRZSs_W5RGm6Th7bSMcOh0H3HpRz8EjNw4oB4Ubnd00FQHgpqZfPZrEDIQbwjOCSOrQV3YyBtUBWVZSzVekuuBHlZalFNvgBNlzdyt-IRpyAWvHwbZc7FTzNgZpYc-oQ&sig=Cg0ArKJSzJwi7GiDuhHmEAE&cid=CAQSTwAvHhf_FdBl0rmlo2FM5LOrCmgJH4oR8RFHc56_l7wVC9N0mQmadFHGDC_9cC9bFQxJkEUuAr5BfFl0LJ6U7ivYTEi3rj3t2gCyyhhsCQcYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703544193401&rpt=921&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 68ms
68ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4038426443409515&bg=!1tWl1ZrNAAY3kmNgF5I7ADQBe5WfOG37Xqgp8Q1GRDP8CJZdAEIxKkZBSN0tAglQVaH3pjcMaxEcwuYJ-a_ZlkwGeYJXAgAAADNSAAAAAmgBB5kC-nUWZc6rs7TjnH1J3GX0ZpPX3nAdE8Voj6BWG3zVLu539eNhDgG4YKHNYsZwUGTlGMa1Cend-J9ZOm-60c4Vt2uB9ENNaxYdT3TalU91260jkSuBTKJbWf_dsehWZuuhGa5XrUUrk-EewaM5bhWw4AGuN2E5DdZb0vmhSA_sxQ_X5Tw1FhLoFtswwWAxMzxLWb6G0WYxBQaA56G_CdHsy-zluJIngAarXqcGIcLswMjkV9heFtwqABF3FKWW4N2YOPK5uU96Kmlu9Zg7gcugppa2ApVq-IgCZ_gKF-g4gA4I7r7UDidRcHVcD13fjXhC-bdZJMp-9C8a2sYdqANM3MADYwpr3n05uLCJqqGJP_Ao2q2VBPBYqCWXb4Xhi8dVPKI_VbNriylIyRcmci3hrcN2VTZh6Nk6CZMpg7M83jVRrt5X45jdiLfedDApc8PuTr8LyQV4nf9CTDKQXUfxFt1iKniySSPz-X2DsM-vWaGRJ9no6v8KRcEWEqJ8XfQH9LBjCqIsUimVQLa7f4R3jjBXshdFgma1PzM5rZxV5_gWfyob_49n2lSYXzE--0g0Wv1zIkG7rgKOzTdDgARXbde_-SQgh-WR2fv8QTHpx_ok-ccrgudjPurIFkmE2j3PxHY42gZzahYGSwHTG75NueaX559p3k6tDC3jf0ichWdkwlnHrD6A_u-kYpM_tRJLqQ3_aYQyyzQ5D7DwaDz58XluppmImsh7boHP06MJsx0f5u7yPNCaxLfn1V-MPNICiOmnCezd0MC-9fwP9CTfVugY9DqDZKMn7ujNJLf4iH76fELSmc-WUa41ikcThx73K5El0LVSBmb6Z3sc93uDGwFYwJh66M8mK9f5rG6IkVbmFE2odX82PdS_wCF054EjmGfl7E7OdUCrjHLQhIqsPbdCVg7WMyGIFHWhDDqKVr3jIasrP34FIW0h56hZFOOhWydOU8fb0PDp-r6Oz9YCHCql2bsY7pXbF-CPaG75eZL4wpgUIGmPzIz7Vw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.xn--12c4cbf7aots1ayx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 57A7 0
22 B 65ms
64ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3347750119806&version=m202309260101&ct=76&x=1&cor=13048869193960319000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Dec 2023 22:43:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.xn--12c4cbf7aots1ayx.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3kr8s5njej5gl1p5jl92q44f41
.xn--12c4cbf7aots1ayx.com/	1970-01-21 02:34:00	Name: __gads Value: ID=ff57e29d47aff64a:T=1703544192:RT=1703544192:S=ALNI_MbWTgoX34SHwtGStf1j6Y6SO5eUEw
.xn--12c4cbf7aots1ayx.com/	1970-01-21 02:34:00	Name: __gpi Value: UID=00000d2b21b13218:T=1703544192:RT=1703544192:S=ALNI_MYF0AstieeC-HH35C4VKk2-FKg0Ng
.casalemedia.com/	1970-01-21 01:58:00	Name: CMID Value: ZYoFgQOBk0QRtABo4tvm7QAA
.casalemedia.com/	1970-01-20 19:22:00	Name: CMPS Value: 3344
.casalemedia.com/	1970-01-20 19:22:00	Name: CMPRO Value: 3344
.googleadservices.com/	1970-01-20 19:22:00	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 02:34:00	Name: IDE Value: AHWqTUlnjB6jPAbDtN41sFmSwUSEhBws1hN9qjPO1YHyPzfGNp1HB3Kyn6otXOfsIxI
.doubleclick.net/	1970-01-20 21:31:36	Name: APC Value: AfxxVi6ZrU7M_RQtXuN5-jT-UNyv_eZls7shu9lLw0310RhNjnrcNg
.adnxs.com/	1970-01-20 19:22:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2H`drH=?V!@wnfH8K6pQK`!5=E<*L5?%Lzl]S.ygO<^VXMdL@_.WJ9dG@^lBK1xFeBY[DP(hw9P-HC_#ttkY)te4s
.adnxs.com/	1970-01-20 19:22:00	Name: uuid2 Value: 1849218295587547325
.ctnsnet.com/	1970-01-21 01:58:00	Name: cid_e82e963d2872426ca5e7954534ee96e2 Value: 1
.ctnsnet.com/	1970-01-21 01:58:00	Name: gid_CAESENQHO1gnkdGs9TAR4lcohpk Value: 1
.blismedia.com/	1970-01-21 01:58:04	Name: b Value: 658A058265A65FB691E56917BLIS
.adform.net/	1970-01-20 17:57:02	Name: C Value: 1
.yahoo.com/	1970-01-21 01:58:21	Name: A3 Value: d=AQABBIIFimUCEEWraNL2WHrE2Mp4ZoR0AYsFEgEBAQFXi2WTZQAAAAAA_eMAAA&S=AQAAAnj8ImVLeKzT6jbsS-9whIc
.adform.net/	1970-01-20 18:38:48	Name: uid Value: 309778347894273888
.tribalfusion.com/	1970-01-20 19:22:00	Name: ANON_ID Value: a3ntuJM0ing9PBmSTEpS6BsMiDmmYaUswls1080jpCZcZdSUbZd7AZdUHr5ajDpvivM0ZcYlIoM6JemTHslyqghZblYH50

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
javascript	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0840729773249552&output=html&h=280&slotname=1690737932&adk=3129314618&adf=980083703&pi=t.ma~as.1690737932&w=729&fwrn=4&fwrnh=100&lmt=1703544192&rafmt=1&format=729x280&url=https%3A%2F%2Fwww.xn--12c4cbf7aots1ayx.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703544192277&bpp=1&bdt=1753&idt=215&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8297435567579&frm=20&pv=1&ga_vid=135566721.1703544192&ga_sid=1703544192&ga_hid=1274857062&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=273&ady=1023&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C42532599%2C44795922%2C95320884&oid=2&pvsid=4038426443409515&tmod=1150000754&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=220 Message: Access to script at 'https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019' from origin 'https://googleads.g.doubleclick.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
c1.adform.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ipac.ctnsnet.com
match.adsrvr.org
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
s.tribalfusion.com
s0.2mdn.net
scontent.xx.fbcdn.net
static.adsafeprotected.com
static.xx.fbcdn.net
tpc.googlesyndication.com
tr.blismedia.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.xn--12c4cbf7aots1ayx.com
x.bidswitch.net
www.gstatic.com
104.18.36.155
119.59.116.158
142.250.185.194
142.250.185.226
15.197.193.217
172.217.16.134
18.197.41.124
185.89.211.12
216.58.206.34
2600:1f18:1aca:4281:c66c:cb3:5c51:6f9b
2600:9000:243d:ba00:8:48e:53c0:93a1
2606:4700::6812:18ad
2a00:1450:4001:800::2003
2a00:1450:4001:803::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:830::200a
2a00:1450:4001:831::2003
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:d29:3601:6fd2:d99:7ec0:a92b
34.96.105.8
35.186.193.173
37.157.5.84
52.209.40.41
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f2aac94d011ec45570ef1245e5fc8df73ebd09b1c6859c5a8393df5336e01b2
13e64e2153618f475e94e0e85fa68c9ce910cfc9b24ca9d44fa546a7d2020a24
1511fef487a5a04cf2a5c0440b5b47b0d3453f99d93b3663f226e5d254a2c0ba
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1a4a6bf3d8b95e6edb2426c1a5ce01e0dc293c679c11717e5460d0c65b1969d0
1c2ec9753492093bda6ef67d572f1b47451d1aa4ba702915aef375c71695e030
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
23d5176b98455d1d7b5eee69e3964888e7e88f2539345885d4532637c87cee9b
24f899b83502b127d8dbe4428b3fb9b4de937eb72d6df8d7572ec40e0496f567
250d1754276fdbf27801c0b29972957008a92485b0ba73f5c1b827d883db4eb6
259f7b6c8678f4150acb1ac51e33947595c7c6ca3b8bf85568e1b7d966fe307b
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
28635e590018f1c9ac45810a174e67af44e0478f758ec74c632d9ac7f36433a4
29ccbdfe79b0b168077c12ece53531c998b5ace82bd32487286781509ec6e82f
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2dd4d5b016f0312fe5b7673611fee7534a1749421d38f0010186feb5b24698ab
2eef6407816a478e570955ca766a089e471801d8ff516626a776d276ba3df5bf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32ab0a5c85cabdb695704b5128a8fb7c9a8dfa3242cc36ceda6bb0650a45b35f
369570af203fe832b39be7ff64f94f07b6c97c928b733a9b9e6c8bcf1a98652c
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3e4aff932cafd42e55b1af0534929b42c42cce514e67029b00d55992cd96f5fa
3f42a06bfc3875268c9e2a7cf71b69a0cf1792491ff62fb5e1d849429b1cd5d9
3feb772d2607cc88c3a2314adf1e289b3136db119984defc8d5fa3a30998ffed
41947949348419f17c54bc7c518befd832ad2c98ccf0f23157ae94b2a97ad78a
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41df37eb76edace45dc1e786798badf87d8ad1b4643b47526400751d1f8f5a8e
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45323d7e874b88d68ed00fbb2a226b8e0cbc7f776ce930de33e96d09cb59632a
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
4a4ce4cc9de9b9337c9591716670e26c1ee79f11a5ff24a0476cecfb23d0604a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376
4eefdd923f73deeaec9e4ecb4cc3fae74379145f0fd3f5892165326bce8ed0ea
512d5d6572ddb0cc29b384886845203daf705cfc32970485b040650c73934bb7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5651532852631e522b47316277d2e45bfe0a3d8214e2533fe1f837324f2f2746
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5bcadbc52cc7d5d4043666f1e9641f75f918e5fdecc8c99e17e1c0a9a02ad6cc
5bcb3ba5be62072a5be691a6cb4625b83ab20458f7543e78575c665ce64743c5
610b3d8cbdb9453b0803cd5eed57641182a5d08567ffa22ca84cbc5cdc1767cd
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6997a1c113e1456f6e1a6f5d1518d65699edfde404d7094f247c0b133f5aaec3
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6c80751db16c41b3491a5fefb8c1308e5b108c740fc57a5d160ba7b8634582cd
6dc358d9251c5d3838f6928c2b7d9a4f0df98d97fb5c1e4cf7a1fa080de25742
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
751b219b5e00b479f72291d82d001e5a1d76f62f1945774e8b161c9f194c495c
779560b566f055003c68dd89d16a1411bd308db8bcfbc6acfa37ee6f3292988e
79ece3368eda382c30d76f12ef09050ea92ed3ac2c1eb18171e440d517e7b6a6
7dbe0842b587c144bdb5e2ac8e98ddaa581ffe3cffbf8da3fa4005427bbe0033
7f5fb9a89ea48833989b0880601fd972784b05cebfe2a3983b8ae09402258b12
8158ec4920e56424c77cc2077a031ae47cc35e0b2554aef8dc3ca4cb5caea56b
817d487ca1a6b6b8350faa33d5abcffea72414e702b45b47648bdf87cd0bafd7
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
845f85e1514e9daf9bbdce8848cfb2291516fd1c08b33b5442866771fdcae064
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
88b480c159531651a2d6e8cd9e1f9a5615265d5d8ad00d5c3cf874b565c85077
8a170f5913eecb1afeda4cccca5d5b9589c8f068a04ae2c517b602e1484982b4
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fe9332d0b3e8f02207504e4165b9d33f0fe49223fa9ac690dfaa910344f7570
9380a1a7283460146651eea364b6e80968da43b478f299dfdb2da42eaf91e9ef
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
98943ace7e40462eae22caf1645fadbf7e7d59b696cd3ed0391837e0efa41801
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c27626364eeaffb44ad2decb980dace7bedb3c8ea1575f81927fc9409cb5b49
9df730dfad6435ec8aa184f48fe947ef12587d0deed88f4ef84196c2dbc4fea3
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a015f51999f21d2db2f7ba880e7b530bd8424b18f488784694ccf6f1f88bda39
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a108cb45f83451bb7fc6092071393cf2210d41d142d38f09168055acb2395264
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad77437eca0516a573c0ea468ad25eaa732e2008924d763ea6217fb12860abd4
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2230bec4800a1c1f41282cdea971eb3be0f0deeb0fc2c061711cf6c814cb163
b247c2754d8fd6b3c3f9ee64d67fd16d93ff30bcdbf8955f83cd9055a0638c69
b4fdb9261dfee8c54937ec751b7ce1d472e4656f516ecf8b5f1f0d54818ce795
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b671e2140966063715d21667867d60de45adc723cd1b31e0d2f7466105a90247
b7a8490d7353f4d29b7a7c0e0da1a610d1067d0bfdbb8d88df5764651b9d25fe
b8cabdb3b158fe0bb430e7ceaaf4104c0f44f45881ad407a0a4b31ff5cda38fe
ba1997f13a9a9fe348856527a3c4fa3bfdf77052eccd5b94b8ecfb60bcde05aa
baa16932743d82a2919d33ff0226b146c2a1905b0aee5e9721e045f4c7fa9a25
bc5d7eb740f68d2aea3eada42ab335fc93ce2d6600a3734a6baf70071680a450
c463e5642befc75d0729322eff15936ab41cc19c61dd6253b63275b8069c4adc
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c6de46a1a810eea0e138ca97ee542cc5e95e8152974885e729c82606a333be28
c938f540999b5c15290702b05e7aeb22190a8148adf8ec4b768de6e4170ea28a
c9ef1ee20fc901caf4d6013633f0d56592523d62ae955afc869405b319b22310
ca15ac1540010cea7015b4e4ec35c33cd999430f4bd5221b94e66d319456b2b0
cdd15c7795929a9f8ae2027e000d527cd843e3b170e2f8cdcf7870fd5ab5fb7c
d1cfecac22ab03d2b82e23c62a3e7ee08d1280190e360f18dfefe7ee2f7e770b
d3460d76a3013a4bb9c689877b41f3eadbf5e780ed9230fb8f8bbd16fcc59842
dc35eff3391328df5cbe0fef3fbff29f391a1a6f24682edcc625e9e1f567821f
dd50ba290f74d344ad0d04ade63c55b02360bf4db99c0a2749f34deb0c8dcec9
dea5d8ba9e54379b26e109f61ceba20a0781d4f80eed75fce6ad0993d4784195
e13459782d7fc46c73821602bedc17cc2b3a2dc5ec07e91e30ed715193698a94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61a5274401d098ca96cd8b36e4030f75bcb644047b18cf0deb1f916c863f126
e7de86652306d72730566bc077d25422471013eb01dd784a6187a78552674683
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ecdff08d004f07b6313a937fc1c0e534b433144764a5b6a621a8130764405400
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbafa1c2dc05f9956826b3764660b80b0a523f22623c56fff8a14cfca74b249
f08c80c68d49801ca85d0c10e1965d966920ea7ed4707f575b12ba7912247c64
f3260225ba132e9bf8956514e81f6136265ee05250271a027bb2029cbbf4651d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6de3574f4030ad25ad1374004dba3c1b46323c38524b730d8bcdb4697026ac9
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb0d84500d849cff357a25427727ea7479b798793fcc61d6d99126ffc5c58c0c
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc

www.xn--12c4cbf7aots1ayx.com Open in urlscan Pro Puny www.ประกาศผลสอบ.com IDN 119.59.116.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

199 Requests

91 %HTTPS

54 %IPv6

21 Domains

30 Subdomains

26 IPs

6 Countries

2510 kBTransfer

6179 kBSize

18 Cookies

1 Outgoing links

Page URL History

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.xn--12c4cbf7aots1ayx.com Open in urlscan Pro Puny
www.ประกาศผลสอบ.com IDN
119.59.116.158 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

91 %
HTTPS

54 %
IPv6

21
Domains

30
Subdomains

26
IPs

6
Countries

2510 kB
Transfer

6179 kB
Size

18
Cookies

199 HTTP transactions
9 data transactions