www.weego365.live Open in urlscan Pro
2a00:1450:4001:80e::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.weego365.live/
Submission: On September 07 via api (September 7th 2023, 11:17:07 pm UTC) from US — Scanned from DE

Summary HTTP 193 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 3 countries across 18 domains to perform 193 HTTP transactions. The main IP is 2a00:1450:4001:80e::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.weego365.live.
TLS certificate: Issued by GTS CA 1D4 on August 12th 2023. Valid for: 3 months.

This is the only time www.weego365.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a00:1450:400... 2a00:1450:4001:80e::2013	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
6 18	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2009	15169 (GOOGLE) (GOOGLE)
1	146.75.116.193 146.75.116.193	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::6815:1ccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
9	185.244.36.136 185.244.36.136	62068 (SPECTRAIP...) (SPECTRAIP SpectraIP B.V.)
6	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
46	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
12	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
18 18	2a04:4e42:200... 2a04:4e42:200::347	54113 (FASTLY) (FASTLY)
18	2606:4700:303... 2606:4700:3033::ac43:d26a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
193	24

8 2a00:1450:4001:80e::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.weego365.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.anubis-web.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

dev.anubis-web.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mwaqet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:1ccc (United States)

ASN13335 (CLOUDFLARENET, US)

www.fontstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.244.36.136 (Amsterdam, Netherlands)

ASN62068 (SPECTRAIP SpectraIP B.V., NL)
PTR: web0144.pwxs.nl

host.anubis-web.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a04:4e42:200::347 (United States) 18 redirects

ASN54113 (FASTLY, US)

cdn.statically.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3033::ac43:d26a (United States)

ASN13335 (CLOUDFLARENET, US)

stad.yalla-shoots.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	942 KB
25	gstatic.com fonts.gstatic.com www.gstatic.com	279 KB
18	yalla-shoots.io stad.yalla-shoots.io	68 KB
18	statically.io 18 redirects cdn.statically.io — Cisco Umbrella Rank: 9616	2 KB
18	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 53	267 KB
14	anubis-web.com dev.anubis-web.com api.anubis-web.com host.anubis-web.com	86 KB
13	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1180 www.googleadservices.com — Cisco Umbrella Rank: 156	603 B
13	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 12624	3 MB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	453 KB
7	googleapis.com translate.googleapis.com — Cisco Umbrella Rank: 1124 fonts.googleapis.com — Cisco Umbrella Rank: 58	81 KB
6	google.com 1 redirects translate.google.com — Cisco Umbrella Rank: 1318 www.google.com — Cisco Umbrella Rank: 2	31 KB
5	weego365.live www.weego365.live	121 KB
2	fontstatic.com www.fontstatic.com — Cisco Umbrella Rank: 301074	71 KB
2	mwaqet.net www.mwaqet.net	13 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1977	310 B
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7494	7 KB
1	blogger.com www.blogger.com — Cisco Umbrella Rank: 10120	4 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	90 KB
193	18

	Domain	Requested by
46	tpc.googlesyndication.com	googleads.g.doubleclick.net www.weego365.live pagead2.googlesyndication.com tpc.googlesyndication.com
18	stad.yalla-shoots.io	www.weego365.live
18	cdn.statically.io	18 redirects
18	googleads.g.doubleclick.net	6 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
18	pagead2.googlesyndication.com	www.weego365.live pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
13	blogger.googleusercontent.com	www.weego365.live
13	fonts.gstatic.com	www.weego365.live fonts.googleapis.com
12	www.googleadservices.com	www.weego365.live googleads.g.doubleclick.net
12	www.gstatic.com	www.gstatic.com translate.googleapis.com googleads.g.doubleclick.net
9	host.anubis-web.com	dev.anubis-web.com
8	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
5	www.google.com	1 redirects www.weego365.live googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.weego365.live	www.weego365.live
3	api.anubis-web.com	dev.anubis-web.com
2	www.fontstatic.com	www.mwaqet.net www.fontstatic.com
2	www.mwaqet.net	www.weego365.live www.mwaqet.net
2	region1.google-analytics.com	www.googletagmanager.com
2	dev.anubis-web.com	www.weego365.live
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	i.imgur.com	www.weego365.live
1	www.blogger.com	www.weego365.live
1	translate.googleapis.com
1	translate.google.com	www.weego365.live
1	www.googletagmanager.com	www.weego365.live
193	25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.anubis-web.com

Subject Issuer	Validity	Valid
www.weego365.live GTS CA 1D4	`2023-08-12` - `2023-11-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
dev.anubis-web.com E1	`2023-08-08` - `2023-11-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
api.anubis-web.com GTS CA 1D4	`2023-09-07` - `2023-12-06`	3 months	crt.sh
mwaqet.net GTS CA 1P5	`2023-08-03` - `2023-11-01`	3 months	crt.sh
*.blogger.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
fontstatic.com E1	`2023-07-16` - `2023-10-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
anubis-web.com R3	`2023-09-07` - `2023-12-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://www.weego365.live/
Frame ID: FE4710F4FC0D08CD418D5AF60BB149FD
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html
Frame ID: BE3D25A8F4B33613F79B0148AF40E228
Requests: 1 HTTP requests in this frame

Frame: https://www.mwaqet.net/embed.html?with-country=2&with-city=36&with-lang=ar&with-sunrise=1&with-city-desc=1&with-city-time=1&with-difference=1&with-developers=1&with-color=e53935
Frame ID: C861B44D0179C410569C13C3F4E3181A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&adk=1812271804&adf=3025194257&lmt=1694113591&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fwww.weego365.live%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128619399&bpp=3&bdt=217&idt=296&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3663550989497&frm=20&pv=2&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=313
Frame ID: 763123D4E3BDDA808FE7D46C08E08DBC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&slotname=4187942542&adk=3091118472&adf=1599841384&pi=t.ma~as.4187942542&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128619402&bpp=1&bdt=220&idt=312&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=heW5lD8bx4&p=https%3A//www.weego365.live&dtd=315
Frame ID: A577DA007CB0804091E77A2FD6E0B3D4
Requests: 15 HTTP requests in this frame

Frame: data://truncated
Frame ID: C2B48C683A336FA42A7050016F250DA0
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css
Frame ID: C50F1BBEC203E5AB1B7F71F6D9F1377C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=3088186576&adf=289864595&pi=t.aa~a.2191005173~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280&nras=2&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K01U4nPxYT&p=https%3A//www.weego365.live&dtd=4
Frame ID: E0A0383C84D9609638C546FDC5AD8324
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=439085777&adf=8396834&pi=t.aa~a.1902041895~rp.4&w=1050&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1050x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Ip7YTjx58N&p=https%3A//www.weego365.live&dtd=8
Frame ID: 435D0468667FCD88E82B8CD807354228
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=90&adk=196179062&adf=900330&pi=t.aa~a.3308930158~rp.1&w=1050&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1050x90&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1744&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1050x280&nras=4&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=OsJaqJDS5m&p=https%3A//www.weego365.live&dtd=11
Frame ID: B03B7DC40D910049E5507D374500088E
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Frame ID: 65A9759BD985F22482CC38DEA9869FDE
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Frame ID: C6D15803EA50662AC42712DCE62D0DFC
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Frame ID: EE28539B435D026C7CD0CB6B8555CAC8
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8072EFF9959FD64126F0228B71C09498
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 919DF33459E602A99BCFF28D6923E069
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: EE260EB469E244EB591FE1005F27E2FD
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 4BBD8DC4ED24EC4B84F40818C73F4565
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: AB666E65E910D89C18BEE03C3A880CBA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: AB00023BDB69798E9CE465595A4B5D01
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 0E6C5818A2DD6A283B284F9FF044B376
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 820364EB2D3485AC2C083533CAD10D9C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 36C2723662C786F21BBCE98AAD525437
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: CC6B44EB2C35D780BF49C55E1DEB182A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js
Frame ID: 5FA11E4C2323F2868A6BE47E0F4440EA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 88942B602EFD6C89FAB164741D93E9DE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B8628FC39570EF4ECD2ACE43F657EB39
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Weego 365

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

193
Requests

88 %
HTTPS

87 %
IPv6

18
Domains

25
Subdomains

24
IPs

3
Countries

5218 kB
Transfer

9412 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/

Search URL Search Domain Scan URL

URL: https://www.anubis-web.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://googleads.g.doubleclick.net/pagead/adview?ai=CahRB61n6ZLn-MMiPygX4n4uIB9HKu9Zy89O0_IISl8Tz_QgQASDp6d2PAWCVgoCArAegAfTFzfwDyAEJqQLrU9efRPOxPqgDAcgDywSqBNABT9DZV-QsHp7824xcV3I7Lf7dkDQ6wCe5UYnm6jsN4l3IN8gkNhgqGd1SqpUaZ5PfkzympBRi5mOCoRByUg1GSRpIAbVsHY30d5iKeCIzS4fenWtvBszefGuD-1esYfux3RjoZTG-7dWbftUD13YKNaNBGUxcECDY3TOzwBKwscAUlflie7mixmKxwPpVLqMTKVEX-EP5oVUMdS4B-j6va4yXSapaITGk5OQaxK00n42It2_Wkzf-RihVABvMnkc0D-U7eoj1T7M5aDgbxxQBZcAEv5LXoLUEiAWUr7zxQ5IFBAgEGAGSBQQIBRgEoAYugAf0ubIDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ6P9k0ggWCIDhgHAQARgfMgLrAjoCgEBIvf3BOpoJL2h0dHBzOi8vd3d3LnBhcHN0YXItc2hvcC5kZS9iYXlyaXNjaGUtdGlzY2hkZWtvgAoByAsBuBPkA9gTAtAVAYAXAbIXHAoaCAASFHB1Yi04MjYzMDE0OTEzMDU0NzQwGAA&sigh=jEhT7gq6u3I&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWxxj0Fzzok_kiZXXfvZNlYX9dKxZ20hgB&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225807786637312961854%22,%22debug_reporting%22:true,%22destination%22:%22https://papstar-shop.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221066623732%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221827683463143286129%22}&andc=true

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 108

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/1xBWyjjkA6vEWopPK3lIPA_96x96.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/1xBWyjjkA6vEWopPK3lIPA_96x96.png

Request Chain 109

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/AKqvkBpIyr-iLOK7Ig7-yQ_96x96.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/AKqvkBpIyr-iLOK7Ig7-yQ_96x96.png

Request Chain 110

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/09/bKgDua1kwIWk6-kiuusSnQ_96x96.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2021/09/bKgDua1kwIWk6-kiuusSnQ_96x96.png

Request Chain 111

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/5hLkf7KFHhmpaiOJQv8LmA_96x96-1.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/5hLkf7KFHhmpaiOJQv8LmA_96x96-1.png

Request Chain 112

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/lYah1Uqw37XdicC6C4HNqg_96x96.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/lYah1Uqw37XdicC6C4HNqg_96x96.png

Request Chain 113

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2022/01/S6c0DAVGaMnXlQbh3-Vpiw_96x96.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2022/01/S6c0DAVGaMnXlQbh3-Vpiw_96x96.png

Request Chain 114

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/QoAJxO46fHid3_T-7nRZ0Q_96x96.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/QoAJxO46fHid3_T-7nRZ0Q_96x96.png

Request Chain 115

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2022/11/costa-rica.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2022/11/costa-rica.png

Request Chain 116

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/ZH7SDm7MIMjzcxLI4F3Tyg_96x96.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/ZH7SDm7MIMjzcxLI4F3Tyg_96x96.png

Request Chain 117

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2022/10/eswatini.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2022/10/eswatini.png

Request Chain 118

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/hYrtTF982kN3GcYNdSPL9g_96x96.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/hYrtTF982kN3GcYNdSPL9g_96x96.png

Request Chain 119

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/09/oVYdBtXnJXYVX_OM4U75Ww_96x96.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2021/09/oVYdBtXnJXYVX_OM4U75Ww_96x96.png

Request Chain 120

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/6APs2PMKgCrh97J3QEz5Yg_96x96.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/6APs2PMKgCrh97J3QEz5Yg_96x96.png

Request Chain 121

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/HJ3_2c4w791nZJj7n-Lj3Q_96x96.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/HJ3_2c4w791nZJj7n-Lj3Q_96x96.png

Request Chain 122

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/9toerdOg8xW4CRhDaZxsyw_96x96.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/9toerdOg8xW4CRhDaZxsyw_96x96.png

Request Chain 123

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/haAD1SXbO8U5DrW0FjJCPw_96x96.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/haAD1SXbO8U5DrW0FjJCPw_96x96.png

Request Chain 124

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/zZzKmdy0FsJ159f9r0vxrA_96x96.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/zZzKmdy0FsJ159f9r0vxrA_96x96.png

Request Chain 125

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2023/05/south-sudan.png HTTP 302
https://stad.yalla-shoots.io/wp-content/uploads/2023/05/south-sudan.png

Request Chain 143

https://googleads.g.doubleclick.net/pagead/adview?ai=C9H4G7Fn6ZOqaPPq0xdwP0fSD0AnG24PncsrT6eGtEf2AzODVDhABIOnp3Y8BYJWCgICsB6AB68G6uwLIAQmoAwHIA8sEqgTVAU_Q52J24_sXvc-ngE3K-Ot-mhBDiQf49IyHZ_94lQC69xRHDuFmHq5BqhGkFTqK3e4nufBprQKWMTWAqg5IZIpV3_HZSxbfJsb4C5YCO93fGjSLa4P0O0ispRzSP0A424gDb2MSQjdEYcAwfXy3C4qMRTHcMBk7zRduMTRb8d9KaqLm7TxFgIs1d0Xw6cIj-F7VgP4T4N_eY7b2F5AvExnd1QTJ8pHITceDtA0r5i9o7VY4WRqDAKKe1iLfJJ7RHiKKrnUQCD_OW46nnuZ-B4dAbvVbQMAE1vWr_pkEiAXv3a7qNJIFBAgEGAGSBQQIBRgEoAYugAfDtL_LAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPTeBtIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqaCTZodHRwczovL3BsdXRvLnR2L2VuL2xpdmUtdHYvcGx1dG8tdHYtZGV1dHNjaGVzLWtpbm8tZGWACgHICwG4E-QD2BMM0BUBmBYBgBcBshccChoIABIUcHViLTgyNjMwMTQ5MTMwNTQ3NDAYAA&sigh=1N8aUvyYb4k&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWLkJ0nEh_wPqp3t5Axeh3vQRfjGvOadhkLsFKI1xBwtGyscB3IXU6K5ygzX5HAFsT8-MwscRpGAE&template_id=484&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211770251411183038753%22,%22debug_reporting%22:true,%22destination%22:%22https://pluto.tv%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22661561579%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221489965162274899745%22}&andc=true

Request Chain 144

https://googleads.g.doubleclick.net/pagead/adview?ai=CjDec61n6ZJaRMLyMjuwPsu6v2Ajwoaqgbb2Jtbu3EdrZHhABIOnp3Y8BYJWCgICsB6AB4ZSt0wPIAQKpAutT159E87E-qAMByAPJBKoE1QFP0E5fxIYQlFrXeFN66DRWsRTMgIhNkWL44vStSJN3L7uPUhPVwOxQvFeQQ3i4v7sveazJTjyQpaOzn_0aC_LxcvuvqOKUtWmgYKevNsWqEOM7MDcC8LA1WU_hZNjrUGRR1BACnyoOi90xJkL5w0_JmEc20dlannwITy_SGKAiQzNFl7eiI-TqCxncJ30XrTxdSr-fvjTFnnQlrNcVMAwVMKVxzExG-4IQD0rKjgWM74Ft4xNnEvG2pDmL2bEYguEL4fuIAsot17dMczVfeI4LChWkwnzABJWmh-3sA4gF-4vVyDuSBQQIBBgBkgUECAUYBKAGAoAH8bPfjAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDY9ArSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6mgkpaHR0cHM6Ly93d3cua2F1ZmxhbmQuZGUvc2VsbGVyLXNpZ251cC9kZS-ACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItODI2MzAxNDkxMzA1NDc0MBgA&sigh=cMxUUjVugxY&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWZOfDP3PKrODAj5g0NOdh2eQ1H6zQhhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227066434565599422010%22,%22debug_reporting%22:true,%22destination%22:%22https://kaufland.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980109921%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214121142416875078801%22}&andc=true

Request Chain 156

https://googleads.g.doubleclick.net/pagead/adview?ai=Ctqsq61n6ZJWRMLyMjuwPsu6v2AjUlcDtctPy0pneEeq2jPG-ARABIOnp3Y8BYJWCgICsB6AB8NmkpAHIAQGpAutT159E87E-qAMByAPLBKoE5AFP0NulFLA4w8o8C65kLYBzIBBgSA3W9rxbRB0uPpnmZA5ZOU8Stv-4dnNlBxXJ22r7lXMAjn8_ZOMUCQoMyUcqcEzhLi0uMqYKSlhICfsJxqZVVaMp_yAg6PhWxUWS26oEIggk-IpmYDEHiYr3Q6x0svJOCMTTbt6oy-mfxifVhoWy0VdMBScR37eZvTMeNBOit6_Ejm5d0zUl3colFPFa4JTURlpPMwOU4czDbuD8TVuREf_-AvZ2nrfd9khUw_Q9lmtoHUDLzPLqF-fSBWJsOE4yFia1JDxxxa3tiaSKfNuthwPABJrBy96jBIgFuLPxiUqSBQQIBBgBkgUECAUYBKAGAoAH-KXb2wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCiohvSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6mgm3AWh0dHBzOi8vd3d3LmRldXRzY2hsYW5kLXJlaXNlLXZlcnNpY2hlcnVuZy5kZS8yMDIyLzAzLzAxL25ldS1zb25kZXJwcm9kdWt0LXZlcnNpY2hlcnVuZy1mJUMzJUJDci1zYWlzb25hcmJlaXRza3IlQzMlQTRmdGUtZXJudGVoZWxmZXItaW4tZGV1dHNjaGxhbmQtZGVyLWhhbnNlbWVya3VyLXJlaXNldmVyc2ljaGVydW5nL4AKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi04MjYzMDE0OTEzMDU0NzQwGAA&sigh=PyN5YGVcXUo&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWZOfDP3PKrODAj5g0NOdh2eQ1H6zQhhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225910369797523699983%22,%22debug_reporting%22:true,%22destination%22:%22https://deutschland-reise-versicherung.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22344534256%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212400475805427151121%22}&andc=true

Request Chain 176

https://googleads.g.doubleclick.net/pagead/adview?ai=CRZQZ7Fn6ZLenPIqYywWnj6W4CMbbg-dy8tPp4a0R_YDM4NUOEAEg6endjwFglYKAgKwHoAHrwbq7AsgBCagDAcgDywSqBM4BT9D_9q5aNcXnnPWuyPw_n_h6axqr2r9GISdAT3JzxrHn-uHj0Y2Wf3cnr4fyj9s8pHIm5-iIgbZhfVN5OgOxOIyKLE1p3-6_iVgk92ypof-uBCzK74PPEQsP8S3YQ2AT-6C-8xOG1RTYsljxwPAKVpwbGnvHXu562dnt6yM47i1ztVbKskDgaxX6gZRjPC_7vaM7SLKs7TPpAwAme47u6uu34m-g-tv-wb2xsnpGlzabuGasoOlgUGg429Cx4WcMvJQ7HShdBzfB2Pmc013ABNb1q_6ZBIgF792u6jSSBQQIBBgBkgUECAUYBKAGLoAHw7S_ywGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDT6QLSCBYIgOGAcBABGB8yAusCOgKAQEi9_cE6mgk2aHR0cHM6Ly9wbHV0by50di9lbi9saXZlLXR2L3BsdXRvLXR2LWRldXRzY2hlcy1raW5vLWRlgAoByAsBuBPkA9gTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MjYzMDE0OTEzMDU0NzQwGAA&sigh=eCyWyvAUU9s&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJW2Imwssr8mHBWXmmyplWdg4ZMuUJ5qaAGgfk7kUfee-Cu_h1azxvw_KjMW8khVoJfaK7G7ouRGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226996406094365623815%22,%22debug_reporting%22:true,%22destination%22:%22https://pluto.tv%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22661561579%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228465220513989652017%22}&andc=true

Request Chain 177

https://googleads.g.doubleclick.net/pagead/adview?ai=CBc5S7Fn6ZKLkO_SHxdwPjLeE-AHG24PncprU6eGtEf2AzODVDhABIOnp3Y8BYJWCgICsB6AB68G6uwLIAQmoAwHIA8sEqgTPAU_QCFBZS7cZoL0o_VrzG2T818jPb2OMR0hJSgljLtKJF2GuAXU5Bgpxi-kRw9hjmYmWcuPPn6K34I8sP7bax3OBJ0bxYNbgDqpqt792pAzRdkegSY0E9-YLbN_pdItPa6bKNucRMWr6V58wdwJDhPFihZkJzUaQyxj8JoUlTOgCM_UvHD7rsBefSS9wFqbnvQ1M36x_yNMsvilgtYkjlUGQ7578ivcPfAxg0tBDMFAqwHuQMU2kciBHLIaCEtn8RHsI43wLD_7Se5gDjaVr68AE1vWr_pkEiAXv3a7qNJIFBAgEGAGSBQQIBRgEoAYugAfDtL_LAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELeuBtIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqaCTZodHRwczovL3BsdXRvLnR2L2VuL2xpdmUtdHYvcGx1dG8tdHYtZGV1dHNjaGVzLWtpbm8tZGWACgHICwG4E-QD2BMM0BUBmBYBgBcBshccChoIABIUcHViLTgyNjMwMTQ5MTMwNTQ3NDAYAA&sigh=o1XCvlUzY9w&uach_m=[UACH]&ase=2&cid=CAQSOwBpAlJWvaUznsK4rStkXUKXZVDOz4f9MMThgwdrSTNIZXlwT6bJIgS0QCCgDCKfGFSr2iIxT27V4VtZGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22244904015020196064%22,%22debug_reporting%22:true,%22destination%22:%22https://pluto.tv%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22661561579%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218054244103675431425%22}&andc=true

193 HTTP transactions
14 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.weego365.live/ 258 KB
86 KB 564ms
313ms Document
text/html 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a79acec595882303736d3005e588ec2b5feec7456f5477108cc6ae26686ec4bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0
content-encoding: gzip
content-length: 87251
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 23:16:59 GMT
etag: W/"1da383c214622b39bf371e6f10fb6b28da7b0d4d43d2d7543275558c60272a50"
expires: Thu, 07 Sep 2023 23:16:59 GMT
last-modified: Thu, 07 Sep 2023 21:06:31 GMT
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 159ms
80ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8263014913054740

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62f6cc0d7d2c7df1d698f6a61bcaca3a720d25222e7c54eb8ec0a6a9d40b0aa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Origin: https://www.weego365.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50630
x-xss-protection: 0
server: cafe
etag: 11626899378549646444
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 23:16:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
90 KB 106ms
42ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WK7VXJJE7Q

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed3176bf09defd32dd93789f648bac10e423d908c12f622d87648198846cbd6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:16:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92149
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Sep 2023 23:16:59 GMT

GET
H2 200 Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v3/ 8 KB
8 KB 89ms
28ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Origin: https://www.weego365.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 08:12:11 GMT
x-content-type-options: nosniff
age: 486288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8488
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:31:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 08:12:11 GMT

GET
H2 200 Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v3/ 10 KB
10 KB 103ms
42ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Origin: https://www.weego365.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 05:05:08 GMT
x-content-type-options: nosniff
age: 497511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9864
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:31:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 05:05:08 GMT

GET
H2 200 Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v3/ 8 KB
8 KB 86ms
25ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

453a980367e2c76aacb9c48ddab4f0732175bd0f2aefc257cfaa75dfb4dc2ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Origin: https://www.weego365.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 15:06:45 GMT
x-content-type-options: nosniff
age: 461414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8600
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:34:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 15:06:45 GMT

GET
H2 200 Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v3/ 10 KB
10 KB 83ms
22ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

773d39d817342d38ff8203ede93c2280d9f4e6cbeac425fe09bdb7decddc65aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Origin: https://www.weego365.live
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 16:27:46 GMT
x-content-type-options: nosniff
age: 197353
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9988
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:34:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Sep 2024 16:27:46 GMT

GET
H2 200 AVvXsEgpeNF5mcCdBFkAa24kdHAHXXdg6sFHrNEUbSxz-SwoEN5qbj_3QHol1_Cr7IhTtBllk_RqdTIIbno9jH408Fm10Kuz4aj73PV-AcyatY8UX6OzEqVGV-DhQKw_ipgKaCGqnEoa8h9WB0_S7KiYBdCBiOt68dPSCwJZXGOKtLeh7Dl1PHzwwuMtqgjP6A=w300
blogger.googleusercontent.com/img/a/ 8 KB
8 KB 306ms
219ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgpeNF5mcCdBFkAa24kdHAHXXdg6sFHrNEUbSxz-SwoEN5qbj_3QHol1_Cr7IhTtBllk_RqdTIIbno9jH408Fm10Kuz4aj73PV-AcyatY8UX6OzEqVGV-DhQKw_ipgKaCGqnEoa8h9WB0_S7KiYBdCBiOt68dPSCwJZXGOKtLeh7Dl1PHzwwuMtqgjP6A=w300

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

323b1f66ec4b55534790e19f078cb2140951e97fdc214fd7d5808a3095013162

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:16:59 GMT
x-content-type-options: nosniff
server: fife
etag: "v6"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="wwg.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8212
x-xss-protection: 0
expires: Fri, 08 Sep 2023 23:16:59 GMT

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 85 KB
30 KB 143ms
57ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a54980a3e86d82600a56306038bf53c1db0adaa1960a3f94ab173cb99ada7e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 23:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loading.svg
dev.anubis-web.com/media/ 2 KB
731 B 317ms
58ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.anubis-web.com/media/loading.svg

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4772f6ef2b349725eb4cd8d3fd882f9dd33616e1c61072edc1d9c10af92f0448

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:16:59 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4d954a461e4e940dca25086282b363a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1wL0BS3vMdoE%2F9YxoB1qG7d2ZmMu4yZ%2F0qIMXyNpRQDxuIlBS185sk5%2Bt976ZqyQZNB%2B0vp9Lqh1HLIAD2usKL8IQQIofl09G%2FYyN6Rw%2BhnKiQHCq%2FrfvDUPkHm5GknCdKJXWQ%2BGjQmju2Ma6IyWwTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8032a99fcbd95b9e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 TMA.js Show response
dev.anubis-web.com/TableMatchAuto/ 57 KB
22 KB 313ms
54ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.anubis-web.com/TableMatchAuto/TMA.js

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7867828f2146c09815d9baf1a9f606c4d349bed53ef6d98775aadefb4acb17f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:16:59 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"06256e0021868937f6104e467348600c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0mjVyr6wHzur%2BVSEzi1Sugc1%2FXXCFdP7TSchVSZkHhivPvjTwY%2F0hDG9HExvtB65Ry5TiYUIdVohA9ZLq50nMCYOCJP2nWyajlS%2F3AOW%2Bjgk87Uh22I1MQ55de7hqGVmY8w2a44CI1kawEX3tbLtjA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8032a99fcbd85b9e-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 405 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e5fe8221d8c619e027a1361385ed3dfad74b776ceefe6c7d8a9c495490bf9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f70d6c2f7dd66ea25be0ac27dbc5b0318851f1222b9fbe934a70d5719af408e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1018 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bef43c6eb0191b3ab578e28739a8c52988c01231132067c9662f11aa576a3150

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 100ms
41ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WK7VXJJE7Q&gtm=45je3960&_p=200453868&cid=2001803934.1694128619&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694128619&sct=1&seg=0&dl=https%3A%2F%2Fwww.weego365.live%2F&dt=Weego%20365&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WK7VXJJE7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 23:16:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.weego365.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/ 22 KB
5 KB 79ms
20ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.JIFGRsb1dOQ.O/d=1/rs=AN8SPfqGAd36_847zaiOisStthKtbIkfWA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 18:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Sep 2024 18:38:07 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.JIFGRsb1dOQ.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqGAd36_847zaiOisStthKtbIkfWA/ 216 KB
76 KB 100ms
20ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.JIFGRsb1dOQ.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqGAd36_847zaiOisStthKtbIkfWA/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.JIFGRsb1dOQ.O/d=1/rs=AN8SPfqGAd36_847zaiOisStthKtbIkfWA/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f057f2ea50996360cb788c5fc87da25674f5a3b48dc1d549440ae68817597415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 17:39:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77700
x-xss-protection: 0
last-modified: Wed, 06 Sep 2023 15:12:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Sep 2024 17:39:49 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ 377 KB
128 KB 139ms
96ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8263014913054740&plah=www.weego365.live

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8263014913054740

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9e508e923c9773f21cc40cf6dd9931ceed90f0696cb33fb05ca0c4a77a861e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:16:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131261
x-xss-protection: 0
server: cafe
etag: 11520000870799320718
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 23:16:59 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/ Frame BE3D 10 KB
5 KB 86ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8263014913054740

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81475
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 00:39:04 GMT
etag: 8554266389219770021
expires: Thu, 21 Sep 2023 00:39:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97b47c58e662804749691df086e253e424ffe0b8e6f9a976ff26fe58a29aba8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 Act_TMA_BG Show response
api.anubis-web.com/feeds/posts/default/-/ 8 KB
2 KB 589ms
375ms Script
text/javascript 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.anubis-web.com/feeds/posts/default/-/Act_TMA_BG?&alt=json&callback=AN_580198481934

Requested by

Host: dev.anubis-web.com
URL: https://dev.anubis-web.com/TableMatchAuto/TMA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

6be1cc006c9757f06273e2c06d559901238c524dfa1b151d6b93905c1ce1b7ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 Aug 2023 14:58:13 GMT
server: blogger-renderd
etag: W/"8ce7f01ec593b0432d8c44b649b78a696ece784695ee1c07f9acb165b1d199e4"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 2010
x-xss-protection: 0
expires: Thu, 07 Sep 2023 23:17:00 GMT

GET
H2 200 Act_TMA_BG Show response
api.anubis-web.com/feeds/posts/default/-/ 8 KB
2 KB 1034ms
827ms Script
text/javascript 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.anubis-web.com/feeds/posts/default/-/Act_TMA_BG?&alt=json&callback=AN_832806257529

Requested by

Host: dev.anubis-web.com
URL: https://dev.anubis-web.com/TableMatchAuto/TMA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

46b5be1bac36cf3d7600e24ec108d29542c12663b984751538a68650027947f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 Aug 2023 14:58:13 GMT
server: blogger-renderd
etag: W/"8ce7f01ec593b0432d8c44b649b78a696ece784695ee1c07f9acb165b1d199e4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 2011
x-xss-protection: 0
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H2 200 Act_TMA_BG Show response
api.anubis-web.com/feeds/posts/default/-/ 8 KB
2 KB 1030ms
824ms Script
text/javascript 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.anubis-web.com/feeds/posts/default/-/Act_TMA_BG?&alt=json&callback=AN_199392014529

Requested by

Host: dev.anubis-web.com
URL: https://dev.anubis-web.com/TableMatchAuto/TMA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

195b91d89b2c7a3d903ba8ba06d4dff570ab026d51a34bf618a595f6bada9529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 Aug 2023 14:58:13 GMT
server: blogger-renderd
etag: W/"8ce7f01ec593b0432d8c44b649b78a696ece784695ee1c07f9acb165b1d199e4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 2011
x-xss-protection: 0
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 953b4b72f673971bcccdd71be36e41e3eb04b4bac604fe9a83a6dcb1179c2337

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 embed.html Show response
www.mwaqet.net/ Frame C861 13 KB
3 KB 123ms
65ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mwaqet.net/embed.html?with-country=2&with-city=36&with-lang=ar&with-sunrise=1&with-city-desc=1&with-city-time=1&with-difference=1&with-developers=1&with-color=e53935
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7680a1c109a61aaf36a801b60a3584201907da4d93fe361ff0cb2af8ab3b1404

Request headers

Referer: https://www.weego365.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8032a9a09acc5c3e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 07 Sep 2023 23:16:59 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwIQPBXsOx7u9fhFIMcDpSftvOBu%2FS1PyG9hA8VUVvo33wofbUM72hG85d9X9YLO%2FpfZNXNr9W6te%2BmJR89B3NNfzRYVbkBlMgBWxl9fMa9ifrB%2FkqM6nzKafPzjO4qxGKm45VJORoamR3TSUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 / Show response
www.weego365.live/feeds/posts/default/ 2 KB
1 KB 561ms
561ms Fetch
application/json 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weego365.live/feeds/posts/default/?max-results=0&alt=json

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

f21db9aa47c032d89f1a2f02869223fb2d622fa2e8cd88d42db81f21e2386051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Sep 2023 21:06:31 GMT
server: blogger-renderd
etag: W/"5c8717bdef981e3e60351b698f029fe07e1ff07d63a26afc933b6cf0d61038a3"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 938
x-xss-protection: 0
expires: Thu, 07 Sep 2023 23:17:00 GMT

GET
H2 200 8870442679460267164 Show response
www.blogger.com/feeds/1068937706229710159/posts/default/ 12 KB
4 KB 363ms
172ms Script
text/javascript 2a00:1450:4001:82a::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/feeds/1068937706229710159/posts/default/8870442679460267164?alt=json&callback=AN_387652578307

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

88769523ca94fa585dfc474250177392f96d4bba949af71b1d515fc843aa6d6d

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Thu, 07 Sep 2023 23:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 1; mode=block
last-modified: Tue, 16 May 2023 10:55:34 GMT
server: GSE
vary: Accept, X-GData-Authorization, GData-Version
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
gdata-version: 1.0
cache-control: private, max-age=0, must-revalidate, no-transform
expires: Thu, 07 Sep 2023 23:16:59 GMT

GET
H2 200 cOiPtdU_d.webp
i.imgur.com/ 7 KB
7 KB 77ms
23ms Image
image/webp 146.75.116.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/cOiPtdU_d.webp

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

a584b88211de5abf3764f81397ffd690edc8716f6c1a26863f71f115a51e3d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:16:59 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 3167789
x-cache: HIT, HIT
content-length: 6708
x-served-by: cache-iad-kcgs7200168-IAD, cache-fra-eddf8230021-FRA
last-modified: Wed, 02 Aug 2023 07:20:30 GMT
server: cat factory 1.0
x-timer: S1694128620.633181,VS0,VE1
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 3350, 1

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
603 B 141ms
41ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.weego365.live&callback=_gfp_s_&client=ca-pub-8263014913054740

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8263014913054740&plah=www.weego365.live

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b5e1d37b0f0ad51236e6065493dbc90713a019ae36a57a7d7b1caeb110aa188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7631 532 KB
101 KB 1027ms
1023ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&adk=1812271804&adf=3025194257&lmt=1694113591&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x540_l%7C260x675_r&format=0x0&url=https%3A%2F%2Fwww.weego365.live%2F&ea=0&host=ca-host-pub-1556223355139109&pra=5&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128619399&bpp=3&bdt=217&idt=296&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3663550989497&frm=20&pv=2&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=313

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

536779ca265d15c4e66f8bfe83f3bd1bc15065e079785aefc752b3a9475856a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 102839
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 23:17:00 GMT
expires: Thu, 07 Sep 2023 23:17:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A577 100 KB
36 KB 1080ms
1078ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&slotname=4187942542&adk=3091118472&adf=1599841384&pi=t.ma~as.4187942542&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128619402&bpp=1&bdt=220&idt=312&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=heW5lD8bx4&p=https%3A//www.weego365.live&dtd=315

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

63ff614373b9f318378b7a1f83a321aa90379fe9d6b2d7fff32edf1f5c27eb51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36636
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 23:17:00 GMT
expires: Thu, 07 Sep 2023 23:17:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 f=sky
www.fontstatic.com/ Frame C861 203 B
623 B 113ms
49ms Stylesheet
text/css 2606:4700:3035::6815:1ccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fontstatic.com/f=sky
Requested by: Host: www.mwaqet.net
URL: https://www.mwaqet.net/embed.html?with-country=2&with-city=36&with-lang=ar&with-sunrise=1&with-city-desc=1&with-city-time=1&with-difference=1&with-developers=1&with-color=e53935
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:1ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0eda4cec4632f9fb08418ba565380acae7551a8939f1250f119f47d48cf959c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mwaqet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 23:16:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BY0mNP8VU8e9BUtrtCMBYBYxAlyQa4xjRtNTDNdphg9dlWyBXcMU5Fp3EfjGSnFiJMnH3zumRmxYG7IG1Ov6nJNF0wFAkoKD2Qiy6A%2B4GLupCo7UFeEKwLXntNpnZwxUIo1d2FZqyjxvnbiuwIziGQQ%3D"}],"group":"cf-nel","max_age":604800}
x-cache: MISS
content-type: text/css; charset=UTF-8
cf-ray: 8032a9a1eb7f3672-FRA
alt-svc: h3=":443"; ma=86400
x-proxy-cache: MISS

GET
H2 200 bg.png
www.mwaqet.net/themes/default/assets/img/ Frame C861 10 KB
10 KB 28ms
28ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mwaqet.net/themes/default/assets/img/bg.png

Requested by

Host: www.mwaqet.net
URL: https://www.mwaqet.net/embed.html?with-country=2&with-city=36&with-lang=ar&with-sunrise=1&with-city-desc=1&with-city-time=1&with-difference=1&with-developers=1&with-color=e53935

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15efd616a12ec9db8a03a05228105267a5a6b20fa0aed22f642ad81d0c98a02b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.mwaqet.net/embed.html?with-country=2&with-city=36&with-lang=ar&with-sunrise=1&with-city-desc=1&with-city-time=1&with-difference=1&with-developers=1&with-color=e53935
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:16:59 GMT
x-server-powered-by: Engintron
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1899374
alt-svc: h3=":443"; ma=86400
content-length: 9996
x-xss-protection: 1; mode=block
x-nginx-upstream-cache-status: STALE
last-modified: Mon, 23 Dec 2019 16:13:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lf0rRmndOXihYFYB76t5zbgQx35DxHO%2BqODze1Hv4Ye3puie3qUoxrXrrioVbnozHIqqBKoieNq8wEgmqJ0SzGKpfbpwIELBrUsn5Xl%2Fz0XMRJIfkYY%2BFRUKaDi2fM0fhxOYhbuG%2BlGVkPsz9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 8032a9a24bd05c3e-FRA
expires: Sat, 16 Sep 2023 23:40:44 GMT

GET
H3 200 sky.woff
www.fontstatic.com/fonts/sky/ Frame C861 70 KB
70 KB 73ms
28ms Font
application/font-woff 2606:4700:3035::6815:1ccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fontstatic.com/fonts/sky/sky.woff
Requested by: Host: www.fontstatic.com
URL: https://www.fontstatic.com/f=sky
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:1ccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a6f4f68fdea10f9ae1d3c1d858fb2dc4e361528290d4c3a9a3404db3f6afbef

Request headers

Referer: https://www.fontstatic.com/f=sky
Origin: https://www.mwaqet.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:16:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3926
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 18 Jul 2019 17:50:00 GMT
server: cloudflare
etag: W/"5d30b148-11764"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8emYk26ehLZugPlrjeGtDTU58kf0EnJsJZ%2BYs0wXdbpOZC%2BypR9hWbqOoy%2FnKsXM4Z%2BdHcrwC4XT5isFd9D9WslBzwsd5v0bKiI4QtCvOoayXiW5LJ6vTh%2BtCuhY7vk1oH2NFlLa%2Br07gc6WVXWIg9k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=432000
cf-ray: 8032a9a29e299152-FRA
x-proxy-cache: MISS

GET
H2 200 %D8%A3%D8%AE%D8%A8%D8%A7%D8%B1 Show response
www.weego365.live/feeds/posts/default/-/ 60 KB
15 KB 531ms
530ms Script
text/javascript 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weego365.live/feeds/posts/default/-/%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1?&alt=json&callback=AN_964629702620

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

4cabfee6c6141d3fc659debc8da21c5ebc92f0a94010ce1cff45284f37de5e15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Sep 2023 21:06:31 GMT
server: blogger-renderd
etag: W/"fbbc0eab35e3f54b398c30b8f4cf0731d8f9a6b4428aeafca417cb98ed9470b7"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 14782
x-xss-protection: 0
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H2 200 %D8%A7%D9%84%D8%A7%D9%86%D8%AA%D9%82%D8%A7%D9%84%D8%A7%D8%AA Show response
www.weego365.live/feeds/posts/default/-/ 18 KB
5 KB 797ms
797ms Script
text/javascript 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weego365.live/feeds/posts/default/-/%D8%A7%D9%84%D8%A7%D9%86%D8%AA%D9%82%D8%A7%D9%84%D8%A7%D8%AA?&alt=json&callback=AN_749170146069

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

629b91eea42ad3fd2cdbd95f04cf4bb4dd50ab42a480259f9c5758c02e58d863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Sep 2023 21:06:31 GMT
server: blogger-renderd
etag: W/"754941fe4f64248c4492c4ac29291073f987b9f9a387435fa728cf51759ee042"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 5338
x-xss-protection: 0
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H2 200 %D8%A3%D8%AE%D8%A8%D8%A7%D8%B1 Show response
www.weego365.live/feeds/posts/default/-/ 60 KB
15 KB 657ms
657ms Script
text/javascript 2a00:1450:4001:80e::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.weego365.live/feeds/posts/default/-/%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1?&alt=json&callback=AN_63718360601

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

blogger-renderd /

Resource Hash

083c5bf6958d73cf61cc8f18962943cb4bc2858252dbc883aee0da6602c9e3d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Sep 2023 21:06:31 GMT
server: blogger-renderd
etag: W/"fbbc0eab35e3f54b398c30b8f4cf0731d8f9a6b4428aeafca417cb98ed9470b7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
cross-origin-resource-policy: cross-origin
content-length: 14781
x-xss-protection: 0
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
DATA 200
OK truncated Show response
/ Frame C2B4 1 KB
1 KB Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html;charset=UTF-8

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 12:03:47 GMT
x-content-type-options: nosniff
age: 213193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 04 Sep 2024 12:03:47 GMT

GET
H2 200 m=el_main_css
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/ Frame C50F 22 KB
4 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/d=0/rs=AN8SPfp0QXhhaDDdjg_LgcSqoZiPEzC1tw/m=el_main_css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.JIFGRsb1dOQ.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqGAd36_847zaiOisStthKtbIkfWA/m=el_main

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 18:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4144
x-xss-protection: 0
last-modified: Sat, 15 Jul 2023 01:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Sep 2024 18:38:07 GMT

GET
H3 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v14/ 6 KB
3 KB 66ms
24ms Image
image/svg+xml 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 18:51:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 447903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 14:24:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Sep 2024 18:51:57 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
505 B 117ms
50ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 23:17:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.php Show response
host.anubis-web.com/TMA/ 76 KB
6 KB 1097ms
898ms Fetch
application/json 185.244.36.136
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: https://host.anubis-web.com/TMA/index.php?o=1
Requested by: Host: dev.anubis-web.com
URL: https://dev.anubis-web.com/TableMatchAuto/TMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.36.136 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: web0144.pwxs.nl
Software: nginx / PHP/8.1.21
Resource Hash: a20e91d980226e50c3a10ba4b648d9511596d799cbc189e1654611b9ee0ede95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.1.21
access-control-max-age: 3600
access-control-allow-methods: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
access-control-allow-headers: *
content-length: 6309

GET
H2 200 index.php Show response
host.anubis-web.com/TMA/ 76 KB
6 KB 1129ms
929ms Fetch
application/json 185.244.36.136
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: https://host.anubis-web.com/TMA/index.php?o=1
Requested by: Host: dev.anubis-web.com
URL: https://dev.anubis-web.com/TableMatchAuto/TMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.36.136 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: web0144.pwxs.nl
Software: nginx / PHP/8.1.21
Resource Hash: a20e91d980226e50c3a10ba4b648d9511596d799cbc189e1654611b9ee0ede95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.1.21
access-control-max-age: 3600
access-control-allow-methods: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
access-control-allow-headers: *
content-length: 6309

GET
H2 200 index.php Show response
host.anubis-web.com/TMA/ 76 KB
6 KB 1191ms
991ms Fetch
application/json 185.244.36.136
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: https://host.anubis-web.com/TMA/index.php?o=1
Requested by: Host: dev.anubis-web.com
URL: https://dev.anubis-web.com/TableMatchAuto/TMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.36.136 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: web0144.pwxs.nl
Software: nginx / PHP/8.1.21
Resource Hash: a20e91d980226e50c3a10ba4b648d9511596d799cbc189e1654611b9ee0ede95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.1.21
access-control-max-age: 3600
access-control-allow-methods: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
access-control-allow-headers: *
content-length: 6309

GET
DATA 200
OK truncated
/ 778 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77981216dc1330ef5848e4266de28b06df5a1bcbc623067a690f970d68b337ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 index.php Show response
host.anubis-web.com/TMA/ 76 KB
6 KB 1509ms
1508ms Fetch
application/json 185.244.36.136
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: https://host.anubis-web.com/TMA/index.php?o=1
Requested by: Host: dev.anubis-web.com
URL: https://dev.anubis-web.com/TableMatchAuto/TMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.36.136 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: web0144.pwxs.nl
Software: nginx / PHP/8.1.21
Resource Hash: a20e91d980226e50c3a10ba4b648d9511596d799cbc189e1654611b9ee0ede95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.1.21
access-control-max-age: 3600
access-control-allow-methods: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
access-control-allow-headers: *
content-length: 6309

GET
H2 200 index.php Show response
host.anubis-web.com/TMA/ 76 KB
6 KB 1097ms
1097ms Fetch
application/json 185.244.36.136
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: https://host.anubis-web.com/TMA/index.php?o=1
Requested by: Host: dev.anubis-web.com
URL: https://dev.anubis-web.com/TableMatchAuto/TMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.36.136 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: web0144.pwxs.nl
Software: nginx / PHP/8.1.21
Resource Hash: a20e91d980226e50c3a10ba4b648d9511596d799cbc189e1654611b9ee0ede95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.1.21
access-control-max-age: 3600
access-control-allow-methods: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
access-control-allow-headers: *
content-length: 6309

GET
H2 200 index.php Show response
host.anubis-web.com/TMA/ 76 KB
6 KB 1196ms
1196ms Fetch
application/json 185.244.36.136
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: https://host.anubis-web.com/TMA/index.php?o=1
Requested by: Host: dev.anubis-web.com
URL: https://dev.anubis-web.com/TableMatchAuto/TMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.36.136 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: web0144.pwxs.nl
Software: nginx / PHP/8.1.21
Resource Hash: a20e91d980226e50c3a10ba4b648d9511596d799cbc189e1654611b9ee0ede95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.1.21
access-control-max-age: 3600
access-control-allow-methods: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
access-control-allow-headers: *
content-length: 6309

GET
H2 200 index.php Show response
host.anubis-web.com/TMA/ 76 KB
6 KB 952ms
951ms Fetch
application/json 185.244.36.136
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: https://host.anubis-web.com/TMA/index.php?o=1
Requested by: Host: dev.anubis-web.com
URL: https://dev.anubis-web.com/TableMatchAuto/TMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.36.136 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: web0144.pwxs.nl
Software: nginx / PHP/8.1.21
Resource Hash: a20e91d980226e50c3a10ba4b648d9511596d799cbc189e1654611b9ee0ede95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.1.21
access-control-max-age: 3600
access-control-allow-methods: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
access-control-allow-headers: *
content-length: 6309

GET
H2 200 index.php Show response
host.anubis-web.com/TMA/ 76 KB
6 KB 1330ms
1330ms Fetch
application/json 185.244.36.136
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: https://host.anubis-web.com/TMA/index.php?o=1
Requested by: Host: dev.anubis-web.com
URL: https://dev.anubis-web.com/TableMatchAuto/TMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.36.136 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: web0144.pwxs.nl
Software: nginx / PHP/8.1.21
Resource Hash: a20e91d980226e50c3a10ba4b648d9511596d799cbc189e1654611b9ee0ede95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.1.21
access-control-max-age: 3600
access-control-allow-methods: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
access-control-allow-headers: *
content-length: 6309

GET
H2 200 index.php Show response
host.anubis-web.com/TMA/ 76 KB
6 KB 1191ms
1191ms Fetch
application/json 185.244.36.136
SPECTRAIP Spectra...

General

Check archive.org

Show headers Download Go to

Full URL: https://host.anubis-web.com/TMA/index.php?o=1
Requested by: Host: dev.anubis-web.com
URL: https://dev.anubis-web.com/TableMatchAuto/TMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.244.36.136 Amsterdam, Netherlands, ASN62068 (SPECTRAIP SpectraIP B.V., NL),
Reverse DNS: web0144.pwxs.nl
Software: nginx / PHP/8.1.21
Resource Hash: a20e91d980226e50c3a10ba4b648d9511596d799cbc189e1654611b9ee0ede95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/8.1.21
access-control-max-age: 3600
access-control-allow-methods: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding,User-Agent
access-control-allow-headers: *
content-length: 6309

GET
H2 200 css
fonts.googleapis.com/ Frame A577 4 KB
1 KB 107ms
43ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&slotname=4187942542&adk=3091118472&adf=1599841384&pi=t.ma~as.4187942542&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128619402&bpp=1&bdt=220&idt=312&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=heW5lD8bx4&p=https%3A//www.weego365.live&dtd=315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 23:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 22:10:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 23:17:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame A577 2 KB
973 B 103ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame A577 23 KB
9 KB 80ms
23ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame A577 3 KB
1 KB 79ms
22ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame A577 20 KB
8 KB 100ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A577 181 KB
57 KB 136ms
55ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 23:17:00 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame A577 36 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/ 154 KB
52 KB 120ms
120ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308310101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e61ee67aded4193a7b7d9da8f685bcc9be9b374f5947f023542411ec094c784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53640
x-xss-protection: 0
server: cafe
etag: 2679585613232015540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 23:17:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7992855410709718320/ Frame A577 186 KB
187 KB 92ms
38ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7992855410709718320/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d748f33f8b08a76eb8eef0c7a037adc9bba1a3a3b3cf4a3d286092003c3d7384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 09:44:53 GMT
x-content-type-options: nosniff
age: 307927
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 190723
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 10:33:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Sep 2024 09:44:53 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4905572990799854897/ Frame A577 2 KB
2 KB 139ms
86ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4905572990799854897/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0b550b35fec37801d0531f70902f5f4fa8274b84653a3ed836461dda54c1283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 12:01:26 GMT
x-content-type-options: nosniff
age: 299734
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2125
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 14:17:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Sep 2024 12:01:26 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E0A0 102 KB
36 KB 555ms
555ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=3088186576&adf=289864595&pi=t.aa~a.2191005173~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280&nras=2&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K01U4nPxYT&p=https%3A//www.weego365.live&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfba98b42a2248873541a172480c12673f6e9d0fdb3a6aecce8423c51110c0a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37030
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 23:17:01 GMT
expires: Thu, 07 Sep 2023 23:17:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 435D 98 KB
36 KB 475ms
475ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=439085777&adf=8396834&pi=t.aa~a.1902041895~rp.4&w=1050&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1050x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Ip7YTjx58N&p=https%3A//www.weego365.live&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d10a7415f5966f413d4c32f594f31f52171c13f36715dc8f3e84598bb3a9a58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36324
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 23:17:01 GMT
expires: Thu, 07 Sep 2023 23:17:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B03B 101 KB
36 KB 455ms
455ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=90&adk=196179062&adf=900330&pi=t.aa~a.3308930158~rp.1&w=1050&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1050x90&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1744&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1050x280&nras=4&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=OsJaqJDS5m&p=https%3A//www.weego365.live&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b9ef562e3ee79fedace602db6fc35cef87944dcddfe14d927342eae50e522de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37284
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 23:17:01 GMT
expires: Thu, 07 Sep 2023 23:17:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A577 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 370c8cdb456b23d0d6e1fe3fb1b4793edf0d59e14b496f8a842e979021dd009a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/ Frame 65A9 10 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 00:39:10 GMT
etag: 8554266389219770021
expires: Thu, 21 Sep 2023 00:39:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/ Frame C6D1 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 00:39:10 GMT
etag: 8554266389219770021
expires: Thu, 21 Sep 2023 00:39:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/ Frame EE28 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 00:39:10 GMT
etag: 8554266389219770021
expires: Thu, 21 Sep 2023 00:39:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/ Frame 8072 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81471
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 00:39:10 GMT
etag: 8554266389219770021
expires: Thu, 21 Sep 2023 00:39:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 65A9 4 KB
767 B 44ms
44ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 22:09:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 65A9 205 B
229 B 24ms
23ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 16:44:17 GMT
x-content-type-options: nosniff
age: 282764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Sep 2024 16:44:17 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 65A9 604 B
628 B 24ms
23ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 21:04:39 GMT
x-content-type-options: nosniff
age: 94342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 05 Sep 2024 21:04:39 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 65A9 15 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:15:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32484
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:15:37 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/ Frame 65A9 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32912
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C6D1 6 KB
779 B 43ms
43ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 22:14:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame C6D1 2 KB
931 B 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame C6D1 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame C6D1 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame C6D1 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6D1 181 KB
57 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame C6D1 36 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame EE28 2 KB
926 B 22ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame EE28 23 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame EE28 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame EE28 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE28 181 KB
57 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame EE28 36 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 8072 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 919D 143 B
166 B 25ms
24ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 23:08:14 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 8072 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 8072 20 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 200 12816658276294838584
tpc.googlesyndication.com/simgad/ Frame 8072 23 KB
23 KB 29ms
29ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12816658276294838584?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkcsm3cXAKZHd3o8rV54zHvGXavVQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34aab8940b0ffb940e57f76af9838fee0b4c19b9874ad0f66be9266fd3516e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 21:50:21 GMT
x-content-type-options: nosniff
age: 91600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23140
x-xss-protection: 0
last-modified: Fri, 05 May 2023 11:11:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Sep 2024 21:50:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8072 181 KB
57 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 8072 35 KB
14 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e216ef6426028ff54f8706b86c8ea7243a5cdbecbbbcf72ecac62b5a8541c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:15:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14480
x-xss-protection: 0
server: cafe
etag: 10657407632856047895
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:15:32 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A577 16 KB
16 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 506512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 02:35:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame A577 15 KB
15 KB 24ms
23ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 587409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 04:06:52 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A577
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CahRB61n6ZLn-MMiPygX4n4uIB9HKu9Zy89O0_IISl8Tz_QgQASDp6d2PAWCVgoCArAegAfTFzfwDyAEJqQLrU9efRPOxPqgDAcgDywSqBNABT9DZV-QsHp7824xcV3I7Lf7dkDQ6wCe5UYn...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225807786637312961854%22,%22debug_reporting%22:true,%22destination%22:%22https://papstar-shop.de%22,%22event_report_window%2...

0
0

108ms
59ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225807786637312961854%22,%22debug_reporting%22:true,%22destination%22:%22https://papstar-shop.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221066623732%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221827683463143286129%22}&andc=true

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5807786637312961854","debug_reporting":true,"destination":"https://papstar-shop.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1066623732"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"1827683463143286129"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 23:17:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 23:17:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5807786637312961854","debug_reporting":true,"destination":"https://papstar-shop.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1066623732"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"1827683463143286129"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame EE26 2 KB
892 B 90ms
89ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame EE26 23 KB
9 KB 88ms
87ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame EE26 3 KB
1 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame EE26 20 KB
8 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE26 181 KB
57 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame EE26 36 KB
15 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BBD 37 KB
14 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 05:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 05:12:22 GMT

GET
DATA 200
OK truncated
/ Frame 8072 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64df679da0a58c4ef24a31c9d23a35f7540024ec3a2a994abc1a9e3714d19f1c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 919D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
54ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 23:17:01 GMT
expires: Thu, 07 Sep 2023 23:17:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 23:17:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 499 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d0d2cabb3f6f8dcc13db23c33ec038e3b2a4d6a5ea0553c4dcaa32f8035e57b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame AB66 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 05:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 05:12:22 GMT

GET
H2

200

1xBWyjjkA6vEWopPK3lIPA_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/1xBWyjjkA6vEWopPK3lIPA_96x96.png
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/1xBWyjjkA6vEWopPK3lIPA_96x96.png

4 KB
5 KB

133ms
59ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/1xBWyjjkA6vEWopPK3lIPA_96x96.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eeac0c568551c6210ad00d9c682d66360f72815789896676acb65cf645381f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 00:18:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 262
etag: "60b97168-10d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaNp2%2BrVkDTP7UcRFTy04Ctvvn82JXYoeyROZ5ZEcqxITBb%2BowKnAPe7JiMuz4RuXoX6Y73XnbP2l6bvZQoRx6QnfKJQlJBEBLun4BQS1%2F11gedU%2F%2B28YsCBmLCAvdzGeO93JPVjxPxAiUPnUrlLHBtFlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9adc9a7bb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4306

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/1xBWyjjkA6vEWopPK3lIPA_96x96.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

AKqvkBpIyr-iLOK7Ig7-yQ_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/AKqvkBpIyr-iLOK7Ig7-yQ_96x96.png
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/AKqvkBpIyr-iLOK7Ig7-yQ_96x96.png

5 KB
5 KB

106ms
32ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/AKqvkBpIyr-iLOK7Ig7-yQ_96x96.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2218cb4654ddc8f6734f26342bf23f60d001993dd6bad7617b62e2fb85c40239

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 00:51:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4953
etag: "60b97928-128a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsTRxA5NLcJGkV9tWOZPpmI8LtGov1qph1SXYhGQpbJXBJ7Sh8EL00%2FQ%2B3%2FOIR010lqJTS2ivXlx5wFvCsIJHU7z9GihsemaeJ9hLgudsi22mRkPhgRYXJ3ezMfAVbMC183lqKkJHRcHPsD8OSRWzdQjyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9ada98bbb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4746

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/AKqvkBpIyr-iLOK7Ig7-yQ_96x96.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

bKgDua1kwIWk6-kiuusSnQ_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/09/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/09/bKgDua1kwIWk6-kiuusSnQ_96x96.png
https://stad.yalla-shoots.io/wp-content/uploads/2021/09/bKgDua1kwIWk6-kiuusSnQ_96x96.png

2 KB
3 KB

105ms
31ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/09/bKgDua1kwIWk6-kiuusSnQ_96x96.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d10eeed2e36c786b1192705557a4f72268e9c579c5d57c6c568f722bb6c5891

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Sep 2021 16:05:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3914
etag: "6134eabe-982"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vA72Dy18qIBkYDpNyfLlV3hqXOaFqfKxct2Zr3HF7mMtmoUQCZUDU0zm2EdklysnNiSEtcqSp58xQvK2hGxKRpnCwU0yE4GKClMKs5s7zi7VNJueMrjnHeuokZknlwfvUFBtn92OC78VTO61edIJr12DhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9ada988bb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2434

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2021/09/bKgDua1kwIWk6-kiuusSnQ_96x96.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

5hLkf7KFHhmpaiOJQv8LmA_96x96-1.png
stad.yalla-shoots.io/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/5hLkf7KFHhmpaiOJQv8LmA_96x96-1.png
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/5hLkf7KFHhmpaiOJQv8LmA_96x96-1.png

4 KB
4 KB

125ms
57ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/5hLkf7KFHhmpaiOJQv8LmA_96x96-1.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09f34e4793ffcb7badb683e956877bce7f781fb4bdd0d47826b9c3fc9fbd8994

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Jun 2021 02:55:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3914
etag: "60c5738c-ed1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOpS2%2FxKKJ0ye8Ido8fe%2Bg7QSXeeVAKG%2FkcCjm6%2FA1Asd8ZkdXEJcpnBSV8HfHeGmlcpKw3yBCALmvfu65frPYrfpayZxyAoVtzwygrpGPzwDyTX6d5LLZ0%2FRu0rsBwIpanwFQi%2FHSLMotJGE0V%2FtKbxpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9adc9a6bb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3793

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/5hLkf7KFHhmpaiOJQv8LmA_96x96-1.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

lYah1Uqw37XdicC6C4HNqg_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/lYah1Uqw37XdicC6C4HNqg_96x96.png
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/lYah1Uqw37XdicC6C4HNqg_96x96.png

3 KB
3 KB

109ms
35ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/lYah1Uqw37XdicC6C4HNqg_96x96.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2cbe5826edd81dcac7bfb1cb1027304e1211984a5d983526e9666ab686ed676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Thu, 10 Jun 2021 02:34:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 618
etag: "60c17a40-ac0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpOiZq0Y67cmdp4PLrILtFGdvazdeY9%2BcGytIYdwUYigpHiVaSgyHXZQFOBJQYt7YXr%2FqtSVoX14wku40eBteXchCqwzcBoNPRhk%2FKfipOrwkXDO4C6898V%2BM64ZptiCX7nD2Nd%2FfUB6WbWwcIZjYoW1xA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9ada98fbb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2752

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/lYah1Uqw37XdicC6C4HNqg_96x96.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

S6c0DAVGaMnXlQbh3-Vpiw_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2022/01/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2022/01/S6c0DAVGaMnXlQbh3-Vpiw_96x96.png
https://stad.yalla-shoots.io/wp-content/uploads/2022/01/S6c0DAVGaMnXlQbh3-Vpiw_96x96.png

5 KB
5 KB

102ms
28ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2022/01/S6c0DAVGaMnXlQbh3-Vpiw_96x96.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79e29aefd3de350b683a5a47f6bb28d97d2356b7f2d3c71609e381b4c9e52d81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 22:19:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3914
etag: "61d8bc7b-1302"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q32%2BJ2wQPaSNcSWUbf%2BK8Laql19yJMjKO1KnY8CH%2Bpe3DE9YUNe3O2eMUUUyIf2KdhxWgB%2FHI7593NHqINpWXQ50wSLoFvLMFRD%2FlJ0qGPY5t3zTf35DtpS9UtP0g6b%2FNoxH5KDTHxPzQNYI4yFGUxKnpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9ada985bb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4866

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2022/01/S6c0DAVGaMnXlQbh3-Vpiw_96x96.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

QoAJxO46fHid3_T-7nRZ0Q_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/QoAJxO46fHid3_T-7nRZ0Q_96x96.png
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/QoAJxO46fHid3_T-7nRZ0Q_96x96.png

5 KB
5 KB

102ms
33ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/QoAJxO46fHid3_T-7nRZ0Q_96x96.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9d0e41f1e324900de704d2c0eef0618885aac645cb406f4f632638c9da1bec7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 00:52:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3911
etag: "60b97943-1450"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H09fmlpLU%2BJEdJDAmrjJWz3FVP0lS%2FEmEUjKuKr0CfbigAErlrlrfTM4z9QotKKatF3hXgnRwYGqkmV3Wvs%2BXY3ihNaAMxqx7CuHK1rY6qYoWGiIo306iRYSGCo7WpgdVIuSkbgyRYXVrQoXyFhq6TcDtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9ada98cbb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 5200

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/QoAJxO46fHid3_T-7nRZ0Q_96x96.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

costa-rica.png
stad.yalla-shoots.io/wp-content/uploads/2022/11/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2022/11/costa-rica.png
https://stad.yalla-shoots.io/wp-content/uploads/2022/11/costa-rica.png

2 KB
2 KB

102ms
34ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2022/11/costa-rica.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a58c48f70825f344c8dec7770b1ddc8b1b332c04ae93dc312fc5e6c9e7a9a10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 18:00:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3911
etag: "6375252e-6d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmPp6gWURK8JSZWOOP9%2FFdh8Zf9BlhpV2vGku05yDCbjfr8S%2FuyF9V%2FGwNIR3DsYbIBU32EOhNRayvWGfOeDUNP%2BMUfkR3mV0MBVRzFdc1m9K0G9Gi5TZLoEbz3pGvDCaBwtN%2B8qVgLLluAKTUBqFZIZjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9ada989bb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1744

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2022/11/costa-rica.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

ZH7SDm7MIMjzcxLI4F3Tyg_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/ZH7SDm7MIMjzcxLI4F3Tyg_96x96.png
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/ZH7SDm7MIMjzcxLI4F3Tyg_96x96.png

3 KB
3 KB

132ms
58ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/ZH7SDm7MIMjzcxLI4F3Tyg_96x96.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 728e579ab5497a196186aa6ddecabef043f03477dac92aa62b6f16197795a5d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Fri, 11 Jun 2021 05:44:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3908
etag: "60c2f823-a94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmqlXpoY1cai7G%2Fe0r9ClmI9F4HFcgDKrCOxoTOYuKdOBMfDUoZb2%2B5EzswnYm%2BJ4CUbGwpdJ5NkPwHFcNx4dCDc7zcl0cFZyoZXrWyV%2BHKs%2FxBTJ5PiC2GdvJaPGlDdIzxVWMj2ZhSzrEI%2FIIw3wIflzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9adc9a4bb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2708

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/ZH7SDm7MIMjzcxLI4F3Tyg_96x96.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

eswatini.png
stad.yalla-shoots.io/wp-content/uploads/2022/10/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2022/10/eswatini.png
https://stad.yalla-shoots.io/wp-content/uploads/2022/10/eswatini.png

6 KB
7 KB

103ms
35ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2022/10/eswatini.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 102f0b14ef11018f9ad5db887dd40ee5cf21f64dd6c20405b3c9f23395ab81af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Wed, 19 Oct 2022 01:35:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3908
etag: "634f5455-194d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7m%2FzLCcbp1%2FMsRBTu2%2FXJExtVk15I8E2aBDvgCTBGbo7UUR4Z4P%2BrO496htDTHPEz2CBLDol0dDRoaP%2F9PxULqrYXNTybQfmJQJMBddiNZLnV%2BSiU7xcs84w988Ku3%2B2h0BQzIq6ygB7S7M7ywjWnDQww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9ada991bb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 6477

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2022/10/eswatini.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

hYrtTF982kN3GcYNdSPL9g_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/hYrtTF982kN3GcYNdSPL9g_96x96.png
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/hYrtTF982kN3GcYNdSPL9g_96x96.png

3 KB
3 KB

103ms
29ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/hYrtTF982kN3GcYNdSPL9g_96x96.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e795abc195f42f9e6012f10e6324807f5192601fb70b2482eecf06abd7d31711

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Thu, 10 Jun 2021 03:11:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3908
etag: "60c182fd-c5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJ6mm%2Bg3Rxmpc5V8Z2P4NaJ%2FXDhYWse3JUI9MXE8z9vuDB9JhJjSovgECCstAy7ppDNNoUWKhu%2B%2BFy%2F0BdhV%2BaeUYVNsjxluVAMRM1REXLDerSbbTo1XVcCbtnl9LmnlkPkIAjU5nUkkZNgMS4wGTgm0ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9ada97dbb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3164

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/hYrtTF982kN3GcYNdSPL9g_96x96.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

oVYdBtXnJXYVX_OM4U75Ww_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/09/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/09/oVYdBtXnJXYVX_OM4U75Ww_96x96.png
https://stad.yalla-shoots.io/wp-content/uploads/2021/09/oVYdBtXnJXYVX_OM4U75Ww_96x96.png

2 KB
2 KB

130ms
57ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/09/oVYdBtXnJXYVX_OM4U75Ww_96x96.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08c8f5a2ee1810eea3fcd85815e88f15d6a2e3f147b7949468a015bd24d9e340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Sun, 05 Sep 2021 16:56:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3908
etag: "6134f6cb-73f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZIa1Xsh65nX33u5fMxya%2Fxtx6A4Rkj3RRzCrjzuQ0DluMlqBuSCuGL60jf%2BYdPXyroc4p3viq1Zj%2By3KsXLy2vnbQtGjAKDS7l%2F1STe4P4iOpuMPFMVrvEGGAj5TiYjdyDrmnyyBnzDwZjTtf5wb0lrdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9adc9a2bb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1855

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2021/09/oVYdBtXnJXYVX_OM4U75Ww_96x96.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

6APs2PMKgCrh97J3QEz5Yg_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/6APs2PMKgCrh97J3QEz5Yg_96x96.png
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/6APs2PMKgCrh97J3QEz5Yg_96x96.png

3 KB
4 KB

122ms
55ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/6APs2PMKgCrh97J3QEz5Yg_96x96.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae4d5a603e84a35fd7e7befbf0a51cc8afffc60753a7d6a23c7086c8f425961

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Sun, 13 Jun 2021 02:54:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3903
etag: "60c57352-d0b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgfTjNG0Y%2FKzH5AATr63NFghyvongD8GujHPgpK0COMD2A6i81x7jEHZEyZiZ7gR42%2FdZoJbWJ6lugIflSVRXWW6SX222%2FRjZnGpfcEvryObRViCxwK6S8OLHljDWH3RsK4PQW3Hlfl6fmp8WxWeA9FPTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9adc9acbb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3339

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/6APs2PMKgCrh97J3QEz5Yg_96x96.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

HJ3_2c4w791nZJj7n-Lj3Q_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/HJ3_2c4w791nZJj7n-Lj3Q_96x96.png
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/HJ3_2c4w791nZJj7n-Lj3Q_96x96.png

4 KB
5 KB

126ms
59ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/HJ3_2c4w791nZJj7n-Lj3Q_96x96.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3be7051ca7a21a54c17dcae7438005e0b77a8607e90022a4f48e9fe370ba533b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Fri, 04 Jun 2021 00:49:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3903
etag: "60b978af-1173"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNLU5iHUTPXkgKcejn3CLCFR%2BrtSI17620KCM5nDqoDypKfs9Dh%2BhcQu4ZL0uvt021Ar%2FoAdc11VNPmgF%2BQAzILQ%2FMz%2FcF2UmI%2B9My60QdphZ26h46mCKfK5E%2BITA%2FPTdcYeXaNuA69wG6shv3JdJ%2BQFyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9adc9adbb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4467

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/HJ3_2c4w791nZJj7n-Lj3Q_96x96.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

9toerdOg8xW4CRhDaZxsyw_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/9toerdOg8xW4CRhDaZxsyw_96x96.png
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/9toerdOg8xW4CRhDaZxsyw_96x96.png

4 KB
4 KB

112ms
46ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/9toerdOg8xW4CRhDaZxsyw_96x96.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1a63c458dfd7a8d50403693bc65d7189d2cb5e10477e1d6a79ad98a1abadfc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Jun 2021 02:42:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3902
etag: "60bae499-e5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULm%2FneSddv8aiPmRVP9uHLT%2B5ORMjKfaiCgGNWLcEIbe8wZWud2I85cRo8kjwMFmHXBkXXfmAk%2BUw6q%2BbnrajkEkB%2FTVbvhwWk9fyg8ER3EWwbM%2F6knOii20TsWUl9T0O%2FXWrQM9Tb4u1sV7099s49BI9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9adc9aabb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3679

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/9toerdOg8xW4CRhDaZxsyw_96x96.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

haAD1SXbO8U5DrW0FjJCPw_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/haAD1SXbO8U5DrW0FjJCPw_96x96.png
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/haAD1SXbO8U5DrW0FjJCPw_96x96.png

2 KB
2 KB

122ms
56ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/haAD1SXbO8U5DrW0FjJCPw_96x96.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29c23b443c67d71b7d4cce3ab83674fa7670afeb285fae45a6d9498be7b36988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Sun, 06 Jun 2021 22:33:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3902
etag: "60bd4d2c-6ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVQzHmraNrtQA4ZaeE%2BVnqC2NfaSQbjrywqLwZJ6lsaQ%2B56ecKCjNerfLSPAQs%2FhFxFPq3OA8qagQcK5ziXw5WYZKb3%2B4YGOLUaOndWtCdOsbOPEBpIt3JzHkGYowkkemOnfIwKtFkacw2qtsNAYus8Eaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9adc9abbb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1791

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/haAD1SXbO8U5DrW0FjJCPw_96x96.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

zZzKmdy0FsJ159f9r0vxrA_96x96.png
stad.yalla-shoots.io/wp-content/uploads/2021/06/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2021/06/zZzKmdy0FsJ159f9r0vxrA_96x96.png
https://stad.yalla-shoots.io/wp-content/uploads/2021/06/zZzKmdy0FsJ159f9r0vxrA_96x96.png

2 KB
2 KB

122ms
56ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/zZzKmdy0FsJ159f9r0vxrA_96x96.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb0abeb989026d763ba5d4b83848a5ec14f6dc894bb1e25c7104b26d2a2bb4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Jun 2021 01:57:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3902
etag: "60c6b785-78d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiLEa%2FnDD%2F4A59p%2Fn6T2P4qDzVMxyTK7eDyKAFq48e%2BQli2DRJqPTFdLMYsptt4yo2okVee85EzN%2B8LQC1yJeMhCafR%2FSeKvSr%2BwEEXNxmTNqrqOhdkYCRK6Wi14HKwXfaTO72%2FFU5aR6GWbgENuQJoV6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9adc9a9bb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1933

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2021/06/zZzKmdy0FsJ159f9r0vxrA_96x96.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H2

200

south-sudan.png
stad.yalla-shoots.io/wp-content/uploads/2023/05/
Redirect Chain

https://cdn.statically.io/img/stad.yalla-shoots.io/wp-content/uploads/2023/05/south-sudan.png
https://stad.yalla-shoots.io/wp-content/uploads/2023/05/south-sudan.png

3 KB
4 KB

124ms
58ms

Image
image/png

2606:4700:3033::ac43:d26a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stad.yalla-shoots.io/wp-content/uploads/2023/05/south-sudan.png
Requested by: Host: www.weego365.live
URL: https://www.weego365.live/
Protocol: H2
Server: 2606:4700:3033::ac43:d26a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fcc964bb0d817789bb07354ee4543bb052c181f8b6bba877c7a041fa18acf20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
cf-cache-status: HIT
last-modified: Mon, 01 May 2023 08:08:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3902
etag: "644f738c-d72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbzmdDmNWJ%2FcHEAK48ktbtmaM4txOiG2jisMkwx%2FdlYwno6OzAu5IFWZMyjUtPcG3SWO6yMgjulGxKj%2BzyLWXU419hgHiWO9j%2BWIdoGzwiqzas%2F3IETy9ovTjc%2BTdrylCQ%2BipIeQfz5zrMnuto9g7zTdGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8032a9adc9a8bb73-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3442

Redirect headers

date: Thu, 07 Sep 2023 23:17:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://stad.yalla-shoots.io/wp-content/uploads/2023/05/south-sudan.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-fra-eddf8230131-FRA

GET
H3 200 css
fonts.googleapis.com/ Frame B03B 4 KB
671 B 43ms
43ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=90&adk=196179062&adf=900330&pi=t.aa~a.3308930158~rp.1&w=1050&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1050x90&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1744&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1050x280&nras=4&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=OsJaqJDS5m&p=https%3A//www.weego365.live&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 22:15:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame B03B 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame B03B 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame B03B 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B03B 0
0 41ms
40ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRO9Te8DB2yggUXF9ro6_UrrS6GO6eTEz9dl5kfceO82H-9U7Xx0jpy54uz2F6ROL6iDK_s
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=90&adk=196179062&adf=900330&pi=t.aa~a.3308930158~rp.1&w=1050&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1050x90&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1744&idt=1&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280%2C1200x280%2C1050x280&nras=4&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=2257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=OsJaqJDS5m&p=https%3A//www.weego365.live&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B03B 181 KB
57 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame B03B 36 KB
15 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 435D 4 KB
655 B 43ms
42ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=439085777&adf=8396834&pi=t.aa~a.1902041895~rp.4&w=1050&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1050x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280%2C1200x280&nras=3&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=Ip7YTjx58N&p=https%3A//www.weego365.live&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 22:09:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 435D 2 KB
892 B 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame 435D 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 435D 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame 435D 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 435D 181 KB
57 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame 435D 36 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 144ms
58ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 23:17:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 471270154378566428
tpc.googlesyndication.com/daca_images/simgad/ Frame EE28 22 KB
22 KB 221ms
221ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/471270154378566428?w=360&h=640

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8ef4bda7fca6a344c96b99b34306bf6f04573d59236a2bcd33c7bc20eb2a354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22150
x-xss-protection: 0
last-modified: Sun, 07 May 2023 23:20:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 23:17:01 GMT

GET
DATA 200
OK truncated
/ Frame EE28 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22abec37f7e1656ae76c9cd252690ea5376c3f81ec0c6a9534e6452d8de3521c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 435D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C9H4G7Fn6ZOqaPPq0xdwP0fSD0AnG24PncsrT6eGtEf2AzODVDhABIOnp3Y8BYJWCgICsB6AB68G6uwLIAQmoAwHIA8sEqgTVAU_Q52J24_sXvc-ngE3K-Ot-mhBDiQf49IyHZ_94lQC69xR...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211770251411183038753%22,%22debug_reporting%22:true,%22destination%22:%22https://pluto.tv%22,%22event_report_window%22:%222...

0
0

63ms
62ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211770251411183038753%22,%22debug_reporting%22:true,%22destination%22:%22https://pluto.tv%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22661561579%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221489965162274899745%22}&andc=true

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11770251411183038753","debug_reporting":true,"destination":"https://pluto.tv","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["661561579"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"1489965162274899745"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 23:17:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 23:17:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11770251411183038753","debug_reporting":true,"destination":"https://pluto.tv","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["661561579"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"1489965162274899745"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 8072
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CjDec61n6ZJaRMLyMjuwPsu6v2Ajwoaqgbb2Jtbu3EdrZHhABIOnp3Y8BYJWCgICsB6AB4ZSt0wPIAQKpAutT159E87E-qAMByAPJBKoE1QFP0E5fxIYQlFrXeFN66DRWsRTMgIhNkWL44vS...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227066434565599422010%22,%22debug_reporting%22:true,%22destination%22:%22https://kaufland.de%22,%22event_report_window%22:%2...

0
0

71ms
70ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227066434565599422010%22,%22debug_reporting%22:true,%22destination%22:%22https://kaufland.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22980109921%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214121142416875078801%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7066434565599422010","debug_reporting":true,"destination":"https://kaufland.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980109921"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"14121142416875078801"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 23:17:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 23:17:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7066434565599422010","debug_reporting":true,"destination":"https://kaufland.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["980109921"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"14121142416875078801"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame AB00 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 05:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 05:12:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E0A0 4 KB
655 B 43ms
43ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=3088186576&adf=289864595&pi=t.aa~a.2191005173~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280&nras=2&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K01U4nPxYT&p=https%3A//www.weego365.live&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Sep 2023 22:15:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame E0A0 2 KB
892 B 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=3088186576&adf=289864595&pi=t.aa~a.2191005173~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280&nras=2&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K01U4nPxYT&p=https%3A//www.weego365.live&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/ Frame E0A0 23 KB
9 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=3088186576&adf=289864595&pi=t.aa~a.2191005173~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280&nras=2&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K01U4nPxYT&p=https%3A//www.weego365.live&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:08:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame E0A0 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=3088186576&adf=289864595&pi=t.aa~a.2191005173~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280&nras=2&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K01U4nPxYT&p=https%3A//www.weego365.live&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/ Frame E0A0 20 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230906/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=3088186576&adf=289864595&pi=t.aa~a.2191005173~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280&nras=2&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K01U4nPxYT&p=https%3A//www.weego365.live&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 14:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Sep 2023 14:05:20 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E0A0 0
0 34ms
33ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPWlYBAYcdppXFhRptrvtCYs1Morog67nsJYAQ5YDvnVQFKEBvqKggKQtmLIQUBpsaFRO7
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=3088186576&adf=289864595&pi=t.aa~a.2191005173~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280&nras=2&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K01U4nPxYT&p=https%3A//www.weego365.live&dtd=4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0A0 181 KB
57 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=3088186576&adf=289864595&pi=t.aa~a.2191005173~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280&nras=2&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K01U4nPxYT&p=https%3A//www.weego365.live&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 23:17:01 GMT

GET
H3 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame E0A0 36 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=3088186576&adf=289864595&pi=t.aa~a.2191005173~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280&nras=2&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K01U4nPxYT&p=https%3A//www.weego365.live&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 01:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 01:09:15 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11610643569412253976/ Frame 435D 48 KB
48 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11610643569412253976/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b12338f72a0ca5504c4df4d8024bfa6868b7445ca36ebf0457b990fc9647ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 05:05:27 GMT
x-content-type-options: nosniff
age: 497494
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48855
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:24:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Sep 2024 05:05:27 GMT

GET
H3 200 16402115223136551777
tpc.googlesyndication.com/simgad/ Frame 435D 1 KB
1 KB 25ms
25ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16402115223136551777?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83ab1986e18d076b5d12411e10352a2268cb12927b024dff737dab39e9bdbb11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 13:31:20 GMT
x-content-type-options: nosniff
age: 467141
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1474
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 14:13:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Sep 2024 13:31:20 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame EE28
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ctqsq61n6ZJWRMLyMjuwPsu6v2AjUlcDtctPy0pneEeq2jPG-ARABIOnp3Y8BYJWCgICsB6AB8NmkpAHIAQGpAutT159E87E-qAMByAPLBKoE5AFP0NulFLA4w8o8C65kLYBzIBBgSA3W9rx...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225910369797523699983%22,%22debug_reporting%22:true,%22destination%22:%22https://deutschland-reise-versicherung.de%22,%22eve...

0
0

60ms
60ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%225910369797523699983%22,%22debug_reporting%22:true,%22destination%22:%22https://deutschland-reise-versicherung.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22344534256%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212400475805427151121%22}&andc=true

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:01 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"5910369797523699983","debug_reporting":true,"destination":"https://deutschland-reise-versicherung.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["344534256"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"12400475805427151121"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 23:17:01 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 23:17:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"5910369797523699983","debug_reporting":true,"destination":"https://deutschland-reise-versicherung.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["344534256"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"12400475805427151121"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 58ms
57ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 23:17:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 57ms
57ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 23:17:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11610643569412253976/ Frame E0A0 48 KB
48 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11610643569412253976/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=3088186576&adf=289864595&pi=t.aa~a.2191005173~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280&nras=2&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K01U4nPxYT&p=https%3A//www.weego365.live&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b12338f72a0ca5504c4df4d8024bfa6868b7445ca36ebf0457b990fc9647ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 05:05:27 GMT
x-content-type-options: nosniff
age: 497494
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48855
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:24:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Sep 2024 05:05:27 GMT

GET
H3 200 16402115223136551777
tpc.googlesyndication.com/simgad/ Frame E0A0 1 KB
1 KB 25ms
24ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16402115223136551777?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=3088186576&adf=289864595&pi=t.aa~a.2191005173~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280&nras=2&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K01U4nPxYT&p=https%3A//www.weego365.live&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83ab1986e18d076b5d12411e10352a2268cb12927b024dff737dab39e9bdbb11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 13:31:20 GMT
x-content-type-options: nosniff
age: 467141
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1474
x-xss-protection: 0
last-modified: Fri, 06 Aug 2021 14:13:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Sep 2024 13:31:20 GMT

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 0E6C 37 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 05:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 05:12:22 GMT

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8203 37 KB
14 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: www.weego365.live
URL: https://www.weego365.live/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 05:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 05:12:22 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 60ms
59ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 23:17:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/11610643569412253976/ Frame B03B 46 KB
46 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11610643569412253976/6592766407814317453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97e26e29a2f8ac00908991d673c915e86db35a6093615b380b2a2e20e477211b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 18:35:03 GMT
x-content-type-options: nosniff
age: 103318
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47534
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:24:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Sep 2024 18:35:03 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/5084152604905256555/ Frame B03B 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5084152604905256555/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1def24417ef158ca2a4c4fba0564c48c0c6524c318986126565c901b98bde661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 07:44:00 GMT
x-content-type-options: nosniff
age: 487981
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1601
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 13:51:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Sep 2024 07:44:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B03B 15 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 466782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 13:37:19 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B03B 15 KB
15 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 587409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 04:06:52 GMT

GET
DATA 200
OK truncated
/ Frame 435D 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f376847181fad6d0512651bdb84b450847f5238cfadc631f376bdee0f765363

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B03B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa60d596beb413ebdcbb8d369f3eee17249c3e8a154baca48c45f17c581c0c96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 435D 16 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 506513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 02:35:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 435D 15 KB
15 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 587410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 04:06:52 GMT

GET
DATA 200
OK truncated
/ Frame E0A0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57e12d2442f0177bee5efa8ff51e8d714baf6a075b3bce5d9d5e32a0e2e9a02f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E0A0 16 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 02:35:09 GMT
x-content-type-options: nosniff
age: 506513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 02:35:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E0A0 15 KB
15 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 587410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2024 04:06:52 GMT

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 36C2 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 05:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 05:12:22 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame B03B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CRZQZ7Fn6ZLenPIqYywWnj6W4CMbbg-dy8tPp4a0R_YDM4NUOEAEg6endjwFglYKAgKwHoAHrwbq7AsgBCagDAcgDywSqBM4BT9D_9q5aNcXnnPWuyPw_n_h6axqr2r9GISdAT3JzxrHn-uH...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226996406094365623815%22,%22debug_reporting%22:true,%22destination%22:%22https://pluto.tv%22,%22event_report_window%22:%2225...

0
0

61ms
61ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%226996406094365623815%22,%22debug_reporting%22:true,%22destination%22:%22https://pluto.tv%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22661561579%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228465220513989652017%22}&andc=true

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"6996406094365623815","debug_reporting":true,"destination":"https://pluto.tv","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["661561579"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"8465220513989652017"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 23:17:02 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"6996406094365623815","debug_reporting":true,"destination":"https://pluto.tv","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["661561579"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"8465220513989652017"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame E0A0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CBc5S7Fn6ZKLkO_SHxdwPjLeE-AHG24PncprU6eGtEf2AzODVDhABIOnp3Y8BYJWCgICsB6AB68G6uwLIAQmoAwHIA8sEqgTPAU_QCFBZS7cZoL0o_VrzG2T818jPb2OMR0hJSgljLtKJF2G...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22244904015020196064%22,%22debug_reporting%22:true,%22destination%22:%22https://pluto.tv%22,%22event_report_window%22:%22259...

0
0

59ms
59ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%22244904015020196064%22,%22debug_reporting%22:true,%22destination%22:%22https://pluto.tv%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22661561579%22],%224%22:[%2209-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218054244103675431425%22}&andc=true

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"244904015020196064","debug_reporting":true,"destination":"https://pluto.tv","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["661561579"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"18054244103675431425"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Sep 2023 23:17:02 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"244904015020196064","debug_reporting":true,"destination":"https://pluto.tv","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["661561579"],"4":["09-07"],"6":["true"]},"priority":"500","source_event_id":"18054244103675431425"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 75ms
74ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230906&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0e719d4f88ae16fd6da7e43a944b1274f27b8c66dd436c62bb70f8162615c7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11733
x-xss-protection: 0

GET
H2 200 825.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjU29XsYiIfu5REaTJmA4uUZzIEXgq6n5GD3hFsEsipSvgv5Ma7UdsimcTz2WyvW0vu38zuUp2eYoyrkgq2QJVmcxO4w9eNKnr_njOymfqbVaN21Fwn1BHsVNKgXRmXdJ41YvZhjwb3QP51NyJ7... 56 KB
56 KB 220ms
218ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjU29XsYiIfu5REaTJmA4uUZzIEXgq6n5GD3hFsEsipSvgv5Ma7UdsimcTz2WyvW0vu38zuUp2eYoyrkgq2QJVmcxO4w9eNKnr_njOymfqbVaN21Fwn1BHsVNKgXRmXdJ41YvZhjwb3QP51NyJ7x62AARSSt8BlqD7NkSdI1oJhKmARAhOevNkqNP8TJw/s600-e90-w640-h361-c/825.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c97f923f1089936ddf9daafe81de04b3dbd65a98506e0f314cdeae26496a9ff0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v413"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
content-disposition: inline;filename="825.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56854
x-xss-protection: 0
expires: Wed, 06 Dec 2023 23:17:02 GMT

GET
H2 200 pur.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtWABUk8n37EwCi2zi7TshBSzVn_1no-1jMfJiqxpdF3qJmC7Vmc4UrhZMpAZzrcLbCELgTxHPd5SmH9jWSOfwC55IYSXzupPCIU05C7dCFxUqMsb3_jlmk99TT6sW0NeGZS2AfByHGDTbP9na... 118 KB
118 KB 268ms
266ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgtWABUk8n37EwCi2zi7TshBSzVn_1no-1jMfJiqxpdF3qJmC7Vmc4UrhZMpAZzrcLbCELgTxHPd5SmH9jWSOfwC55IYSXzupPCIU05C7dCFxUqMsb3_jlmk99TT6sW0NeGZS2AfByHGDTbP9naUzFSezo0aJdtuwDAVETxuc1nJebz3EghoWn_Jre7mA/s600-e90-c/pur.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

da18b8ac3dfe16f1cfee1cea7fdae2ac97f78da067f21eb9bd54503a359e337d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v351"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
content-disposition: inline;filename="pur.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120979
x-xss-protection: 0
expires: Wed, 06 Dec 2023 23:17:02 GMT

GET
H2 200 07.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrST9_chCdSRew0Jb7jWjEramUX397NoMHHDKvRmad3T-2wpGlYVJt31vfRlgjhUemSBcOsLpUBGSpkXT3CyL6pwGrra8XF4-b-dR2x107hD9FzDAN_Iyte5MA6lD7RkVjqRoSkAXIauP3GsOC... 66 KB
66 KB 255ms
253ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhrST9_chCdSRew0Jb7jWjEramUX397NoMHHDKvRmad3T-2wpGlYVJt31vfRlgjhUemSBcOsLpUBGSpkXT3CyL6pwGrra8XF4-b-dR2x107hD9FzDAN_Iyte5MA6lD7RkVjqRoSkAXIauP3GsOCYPbmebi8oTEsSsy71klxLkZS_T9xDX-HLi_cLZT6kg/s600-e90-w640-h364-c/07.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

28eb6f84acb718b1f77a6cfee178f7a6526789a948789a3b18fb38696b43e29e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v34f"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
content-disposition: inline;filename="07.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67202
x-xss-protection: 0
expires: Wed, 06 Dec 2023 23:17:02 GMT

GET
H2 200 france123.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKggZB-H-_-EfRtvhIXUXOdt5tR89WfVyQslJngrHLZv2X6gbz0G5RWarEW-ofc_5D8KFdZj6YI3Hgv4ZQeMsZ5FDYYjtK4uGdjxu7QDBHjmla6YKKBG11J6rRHLVTD533Ciz78tPaxX85OMcY... 131 KB
132 KB 261ms
259ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKggZB-H-_-EfRtvhIXUXOdt5tR89WfVyQslJngrHLZv2X6gbz0G5RWarEW-ofc_5D8KFdZj6YI3Hgv4ZQeMsZ5FDYYjtK4uGdjxu7QDBHjmla6YKKBG11J6rRHLVTD533Ciz78tPaxX85OMcYd5fncaCvLYI_7KE7XTh6dkSmqRPol1-c2anDOncHsw/s600-e90-c/france123.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

63c4082ba82a71ee882ea8b2d38727dda4bc8e4a3789d98b8663e5e501e6dade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v34d"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
content-disposition: inline;filename="france123.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134641
x-xss-protection: 0
expires: Wed, 06 Dec 2023 23:17:02 GMT

GET
H2 200 Saudi%20Al-Ittihad%20Club.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwQod4kaX9_IBQv95IhMH0XmA66Dv1217EgEvgY4MPMm2J3IG2RpTPdLfPCGgZWUU3jFAYjpkfLa8fNwhsb9yPcTHBmcGs6dVI_QjAQPR-bwtdJ98NzKWYkf6VndofpqGoKRh-EzhpBJ54NdFf... 85 KB
85 KB 297ms
295ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwQod4kaX9_IBQv95IhMH0XmA66Dv1217EgEvgY4MPMm2J3IG2RpTPdLfPCGgZWUU3jFAYjpkfLa8fNwhsb9yPcTHBmcGs6dVI_QjAQPR-bwtdJ98NzKWYkf6VndofpqGoKRh-EzhpBJ54NdFflNxYGtAEex72OAyij1JqEbgoooTTWJip6kF1OtGkuR4_/s600-e90-c/Saudi%20Al-Ittihad%20Club.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0f70902c95431503d79d51844e829d5fb6b011af5811fad8d828e0e725d99721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v19"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
content-disposition: inline;filename="Saudi Al-Ittihad Club.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86797
x-xss-protection: 0
expires: Wed, 06 Dec 2023 23:17:02 GMT

GET
H2 200 bernardo-silva.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijZGaGrESE4_pGF8Lu-wnamD04Pw6QYPGTG1ug7nanfx6Xbjk_UyLIApOHLXVWtVB3aI2mjiKob3NDdUeqE-c4xuBn7580GBWootxdBCoZTupYlOkyNqHV-dybBtMJkROg5QZihpyAII79YJH0... 60 KB
60 KB 270ms
269ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijZGaGrESE4_pGF8Lu-wnamD04Pw6QYPGTG1ug7nanfx6Xbjk_UyLIApOHLXVWtVB3aI2mjiKob3NDdUeqE-c4xuBn7580GBWootxdBCoZTupYlOkyNqHV-dybBtMJkROg5QZihpyAII79YJH0J9yeIW45cBn6PPkyVxGG53DYjxYF5NPgielGUHKoLg/s600-e90-w640-h480-c/bernardo-silva.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ce202af69add6c10600a4b5f214823d944f040976c8ab9a6e1fb40b0fcd6abaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v2cb"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
content-disposition: inline;filename="bernardo-silva.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61544
x-xss-protection: 0
expires: Wed, 06 Dec 2023 23:17:02 GMT

GET
H2 200 %D8%B1%D9%88%D8%AF%D9%8A%D8%BA%D8%B1%20%D9%81%D8%AE%D9%88%D8%B1%20%D8%A8%D8%A7%D9%86%D8%B6%D9%85%D8%A7%D9%85%D9%87%20%D9%84%D8%B1%D9%8A%D8%A7%D9%84%20%D9%85%D8%AF%D8%B1%D9%8A%D8%AF%20%D9%88%D8%B2%D...
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEieed2TiLLI7k6-LhZe1xMmDBG5n-2whPqfKGsmof-6meomEPlJ2O_YM02nxD1UKQPEFnJO0U6syqPeFjkdMkBT98-WzZAfv_RYr8J3BNn1Jt31JMspZgkXDH4Y64lall2wJnWhKLgfeQkwNK2G... 107 KB
108 KB 249ms
248ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEieed2TiLLI7k6-LhZe1xMmDBG5n-2whPqfKGsmof-6meomEPlJ2O_YM02nxD1UKQPEFnJO0U6syqPeFjkdMkBT98-WzZAfv_RYr8J3BNn1Jt31JMspZgkXDH4Y64lall2wJnWhKLgfeQkwNK2GM1ZOoGIiyqr9oKJ_0Nqw2OwTejbdIupQxR9zQ_2Xlw/s600-e90-c/%D8%B1%D9%88%D8%AF%D9%8A%D8%BA%D8%B1%20%D9%81%D8%AE%D9%88%D8%B1%20%D8%A8%D8%A7%D9%86%D8%B6%D9%85%D8%A7%D9%85%D9%87%20%D9%84%D8%B1%D9%8A%D8%A7%D9%84%20%D9%85%D8%AF%D8%B1%D9%8A%D8%AF%20%D9%88%D8%B2%D9%85%D9%84%D8%A7%D8%A4%D9%87%20%D9%8A%D8%B1%D8%AD%D8%A8%D9%88%D9%86%20%D8%A8%D9%87.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fc1b4d101e467b02964e33e917b4e78445516176c6299e6643deca63207f9344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v2bd"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
content-disposition: inline;filename="______ ____ ________ _____ _____ _______ ______ __.jpeg";filename*=UTF-8''%D8%B1%D9%88%D8%AF%D9%8A%D8%BA%D8%B1%20%D9%81%D8%AE%D9%88%D8%B1%20%D8%A8%D8%A7%D9%86%D8%B6%D9%85%D8%A7%D9%85%D9%87%20%D9%84%D8%B1%D9%8A%D8%A7%D9%84%20%D9%85%D8%AF%D8%B1%D9%8A%D8%AF%20%D9%88%D8%B2%D9%85%D9%84%D8%A7%D8%A4%D9%87%20%D9%8A%D8%B1%D8%AD%D8%A8%D9%88%D9%86%20%D8%A8%D9%87.jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109993
x-xss-protection: 0
expires: Wed, 06 Dec 2023 23:17:02 GMT

GET
H2 200 AVvXsEhHJqRMt1SANL_UMV18u2EEXIMfewC8h2ehu-oWpLh2GtR5rJDo79Pko4t_o1nQZHf81A0BFJ817Do722TzGvYrMyb74PS33wyVRVATZXZfe2YPVUS9NB7ay4tCGDo-ipH-rKyjYZwJpFn9awQExxJmvrlfhl1gVTIxMCNJCz51HUv1KGeZfn9FYmlqww=s6...
blogger.googleusercontent.com/img/a/ 96 KB
97 KB 282ms
281ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhHJqRMt1SANL_UMV18u2EEXIMfewC8h2ehu-oWpLh2GtR5rJDo79Pko4t_o1nQZHf81A0BFJ817Do722TzGvYrMyb74PS33wyVRVATZXZfe2YPVUS9NB7ay4tCGDo-ipH-rKyjYZwJpFn9awQExxJmvrlfhl1gVTIxMCNJCz51HUv1KGeZfn9FYmlqww=s600-e90-c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

41b918153c89c55ae0ddf84621af1f0e597759507a454f8c45285fa9a9a87a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v137"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=7776000, no-transform
content-disposition: inline;filename="014.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98781
x-xss-protection: 0
expires: Wed, 06 Dec 2023 23:17:02 GMT

GET
H2 200 %D8%AA%D8%B4%D9%83%D9%8A%D9%84%D8%A9%20%D8%A7%D9%84%D8%AC%D8%B2%D8%A7%D8%A6%D8%B1%20%D8%A7%D9%84%D9%85%D8%AA%D9%88%D9%82%D8%B9%D8%A9%20%D8%A7%D9%85%D8%A7%D9%85%20%D8%AA%D9%86%D8%B2%D8%A7%D9%86%D9%8...
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSGGRjrNsDrK9jAt3cRG6eTYub2M47MystwKuSCjWNig4RSNH8qEq5ULcqa9Lx7Ko7sWbXD4Wpglt_95drTg2lWE-PVHkYYxZ6zyy7jdmKeAfxERZqyECnBTp3o0_bigFBEF0Y0LeBYu4Pvr-3... 112 KB
113 KB 277ms
276ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhSGGRjrNsDrK9jAt3cRG6eTYub2M47MystwKuSCjWNig4RSNH8qEq5ULcqa9Lx7Ko7sWbXD4Wpglt_95drTg2lWE-PVHkYYxZ6zyy7jdmKeAfxERZqyECnBTp3o0_bigFBEF0Y0LeBYu4Pvr-3o9SR64qzrbiixNBdnZA5_vR3J4Owlj3GpghCWepQ8YMu/s16000/%D8%AA%D8%B4%D9%83%D9%8A%D9%84%D8%A9%20%D8%A7%D9%84%D8%AC%D8%B2%D8%A7%D8%A6%D8%B1%20%D8%A7%D9%84%D9%85%D8%AA%D9%88%D9%82%D8%B9%D8%A9%20%D8%A7%D9%85%D8%A7%D9%85%20%D8%AA%D9%86%D8%B2%D8%A7%D9%86%D9%8A%D8%A7%20%D9%81%D9%8A%20%D8%AA%D8%B5%D9%81%D9%8A%D8%A7%D8%AA%20%D9%83%D8%A7%D8%B3%20%D8%A7%D9%85%D9%85%20%D8%A7%D9%81%D8%B1%D9%8A%D9%82%D9%8A%D8%A7.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

58d91f7026d295b222b07b8bd4e9405ce289b7ba5e2324813b9d8bb51d1991cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v23"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="______ _______ ________ ____ _______ __ ______ ___ ___ _______.jpg";filename*=UTF-8''%D8%AA%D8%B4%D9%83%D9%8A%D9%84%D8%A9%20%D8%A7%D9%84%D8%AC%D8%B2%D8%A7%D8%A6%D8%B1%20%D8%A7%D9%84%D9%85%D8%AA%D9%88%D9%82%D8%B9%D8%A9%20%D8%A7%D9%85%D8%A7%D9%85%20%D8%AA%D9%86%D8%B2%D8%A7%D9%86%D9%8A%D8%A7%20%D9%81%D9%8A%20%D8%AA%D8%B5%D9%81%D9%8A%D8%A7%D8%AA%20%D9%83%D8%A7%D8%B3%20%D8%A7%D9%85%D9%85%20%D8%A7%D9%81%D8%B1%D9%8A%D9%82%D9%8A%D8%A7.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115028
x-xss-protection: 0
expires: Fri, 08 Sep 2023 23:17:02 GMT

GET
H2 200 Saudi%20Al-Ittihad%20Club.jpg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwQod4kaX9_IBQv95IhMH0XmA66Dv1217EgEvgY4MPMm2J3IG2RpTPdLfPCGgZWUU3jFAYjpkfLa8fNwhsb9yPcTHBmcGs6dVI_QjAQPR-bwtdJ98NzKWYkf6VndofpqGoKRh-EzhpBJ54NdFf... 1 MB
1 MB 329ms
328ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4ebedd770e867f15962b2588c915f6ec1b84e04c797ee737db762bfc4c7b9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v19"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Saudi Al-Ittihad Club.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1139388
x-xss-protection: 0
expires: Fri, 08 Sep 2023 23:17:02 GMT

GET
H2 200 %D8%A7%D9%84%D8%A7%D8%AA%D8%AD%D8%A7%D8%AF%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D9%8A%D9%81%D8%B1%D8%B6%20%D9%82%D8%B1%D8%A7%D8%B1%D8%A7%20%D8%AD%D8%B3%D8%A7%D9%85%D8%A7%20%D8%B9%D9%84%D9%89%2...
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhe_4KX8Wk9gLWQ0MB6kCLfCj4PiQC95uW2O56DfPAkpUtXLm6rheG-of_epxFPM7DGA0UOeF3f03hCIBLt4Jz0_cuXUlfTQvI-m_QWosd4NQUYlNn_rJqfTbjle911u1H5ymC5hwawjzvkgm_3... 317 KB
318 KB 365ms
363ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhe_4KX8Wk9gLWQ0MB6kCLfCj4PiQC95uW2O56DfPAkpUtXLm6rheG-of_epxFPM7DGA0UOeF3f03hCIBLt4Jz0_cuXUlfTQvI-m_QWosd4NQUYlNn_rJqfTbjle911u1H5ymC5hwawjzvkgm_31H4Ed-RuH8DcMnxfQtDlnL7LC4otTWfLcGVZlEzQsrg/s16000/%D8%A7%D9%84%D8%A7%D8%AA%D8%AD%D8%A7%D8%AF%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D9%8A%D9%81%D8%B1%D8%B6%20%D9%82%D8%B1%D8%A7%D8%B1%D8%A7%20%D8%AD%D8%B3%D8%A7%D9%85%D8%A7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D9%88%D8%AF%D8%A7%D8%AF%20%D9%88%D8%A7%D9%84%D8%B1%D8%AC%D8%A7%D8%A1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

62760f0255cae1557db38607abb8a476ef892f4feff86cb4a5d0c1cb0778ea32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v91"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="_______ ______ ____ _____ _____ ___ ______ _______.jpg";filename*=UTF-8''%D8%A7%D9%84%D8%A7%D8%AA%D8%AD%D8%A7%D8%AF%20%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%20%D9%8A%D9%81%D8%B1%D8%B6%20%D9%82%D8%B1%D8%A7%D8%B1%D8%A7%20%D8%AD%D8%B3%D8%A7%D9%85%D8%A7%20%D8%B9%D9%84%D9%89%20%D8%A7%D9%84%D9%88%D8%AF%D8%A7%D8%AF%20%D9%88%D8%A7%D9%84%D8%B1%D8%AC%D8%A7%D8%A1.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 324614
x-xss-protection: 0
expires: Fri, 08 Sep 2023 23:17:02 GMT

GET
H2 200 Capture%20d'%C3%A9cran%202023-06-30%20143444.png
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVo56MFMvrn_BEwhEB_QPAgeIzLzxLp2WQ3kr9s0CvDtrzaANc8MkZD2mb5V9sE_ynQPHBp1s5KnnUYkpGNbxhcRSRJkIz70m4VGYGsGzYWL2RzEKgPGQpAIgIUlSzBX-NJCMh25Pn_OY7FjG4... 428 KB
428 KB 320ms
319ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjVo56MFMvrn_BEwhEB_QPAgeIzLzxLp2WQ3kr9s0CvDtrzaANc8MkZD2mb5V9sE_ynQPHBp1s5KnnUYkpGNbxhcRSRJkIz70m4VGYGsGzYWL2RzEKgPGQpAIgIUlSzBX-NJCMh25Pn_OY7FjG4bYoQwql-mG-zB4_cw4YkEGmKyvKQ6yWr00ClS1N4Zavk/s16000/Capture%20d'%C3%A9cran%202023-06-30%20143444.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2c890322a41460ed4d30c863682788928bfd8c8e1330fcda6baaddc539d51745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: fife
etag: "v13"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Capture d'_cran 2023-06-30 143444.png";filename*=UTF-8''Capture%20d'%C3%A9cran%202023-06-30%20143444.png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 438242
x-xss-protection: 0
expires: Fri, 08 Sep 2023 23:17:02 GMT

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame CC6B 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 05:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 05:12:22 GMT

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5FA1 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-8263014913054740&output=html&h=280&adk=3088186576&adf=289864595&pi=t.aa~a.2191005173~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694113591&rafmt=1&to=qs&pwprc=9615599809&format=1200x280&url=https%3A%2F%2Fwww.weego365.live%2F&host=ca-host-pub-1556223355139109&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694128620926&bpp=1&bdt=1743&idt=-M&shv=r20230906&mjsv=m202308310101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1534d8010b7bf535-2296099169de0069%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A&gpic=UID%3D00000c7026585008%3AT%3D1694128619%3ART%3D1694128619%3AS%3DALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw&prev_fmts=0x0%2C1200x280&nras=2&correlator=3663550989497&frm=20&pv=1&ga_vid=2001803934.1694128619&ga_sid=1694128620&ga_hid=200453868&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1265&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31076838%2C31076997&oid=2&pvsid=4263530690006053&tmod=985703422&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=K01U4nPxYT&p=https%3A//www.weego365.live&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 05:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 05:12:22 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 59ms
59ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 23:17:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 60ms
59ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Sep 2023 23:17:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Sep 2023 23:17:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A577 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTL_NKw_kPLiF7tigpdbrergIhKwD_XkcOMhozc8MqVA55jPw8C8oqnIL3TpRpc-v2dx6c91CafFNtSS6Mg3bJfZs_Q8SDV3pfqn6YM0r010ZB-KLvtsbNBgtjdE2McMMvgUcOrQwtiCTs&sai=AMfl-YTf9DMdkFmn4SLxQHVKLVzZ-gWCZcwMKdvmu5T0e9_335llS7ZudaduIYht5DTAbIk--bxApdXREptQ&sig=Cg0ArKJSzPkK0DI-9ET9EAE&cid=CAQSGwBpAlJWxxj0Fzzok_kiZXXfvZNlYX9dKxZ20hgB&id=lidar2&mcvt=1007&p=0,0,280,1200&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3091118472&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694128619718&rpt=1546&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8894 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.weego365.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 39768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 12:14:14 GMT
expires: Fri, 06 Sep 2024 12:14:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B862 829 B
559 B 42ms
42ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7a62e1010317bc1399a4710b6062828e58137c792bffc6aaec5f1e5d5d865c97

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NGZWgYa6hlxORJxfR5cGOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.weego365.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-NGZWgYa6hlxORJxfR5cGOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Sep 2023 23:17:02 GMT
expires: Thu, 07 Sep 2023 23:17:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8894 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GMNNf8dPzMFRWE2GFsJAeeYNxVBqAV2Fx36SZG50-nU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 05:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14501
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Sep 2024 05:12:22 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B862 0
0 57ms
57ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230906&jk=4263530690006053&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8894 0
11 B 21ms
20ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cpel2w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 23:17:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8072 42 B
64 B 63ms
63ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyIossgT11agejzyT_76_XStDZk68LGjuMiISEJi8bjjuQA8snsIg-7lEGHVADYuGhxDEbE7G3dZm_maa3Sq3Iue4RodLuP5DP-wpxaHeikEeLtuoox_c-DbyBMhk6A3hC8gWiy1fo3ytQ&sai=AMfl-YRcEPgC4wj6vwy8JhdvfeQB6igoP5CwuZf2Sbs9VZBc54kIhj8AYYCTBcdgt-CYtH151zAKp9_n3D5I&sig=Cg0ArKJSzCuCAP_naimIEAE&cid=CAQSGwBpAlJWZOfDP3PKrODAj5g0NOdh2eQ1H6zQhhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=160,690,1000,1066,1066&tos=160,530,310,66,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694128621054&rpt=368&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE28 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuJEvCvYFYPjm-WhzIYWkAP_85BJ_CDfASzhbi61-EEZzOjaFXqQOPrKDKYz65fL5oc4DvaewP78lFQGFtVjGfgOkA2SCtl5qOVyAnPZOlHd-Tl9NGH3DUOPV1brHGv1sW361BN3B7wBkGT&sai=AMfl-YSE9rRDHrKjQrnoTeRGQVn_bnaGgI4bWnIUQ5MCNIMRTNLDinHktEYrZIE-J7s9Ia9uVGZMnR0fYibY&sig=Cg0ArKJSzFzaK97k6_RYEAE&cid=CAQSGwBpAlJWZOfDP3PKrODAj5g0NOdh2eQ1H6zQhhgB&id=lidar2&mcvt=1000&p=-72,0,428,200&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=0.71&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694128621053&rpt=418&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 23:17:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230906&jk=4263530690006053&bg=!bG-lbyDNAAa6D61Rmg87ADQBe5WfONDUAnYoXjGxA61bDKqvYzDh7DXTFH5BrCSdgnpQz39IUnLYAqXHOmQJqDXbPmgaAgAAAFlSAAAAB2gBB5kCu-SVp_aAgH2w9PaPeFUYbbeXo9LZW-tByVaC_oySnojbe8-hiIB3RJqXSvjwl2okMbKjIDDCe4zo8PflHWpe1MDKvpGO-bSzUBsokKkABcjNJs0e7yFjCYtyqWtg9CrtCRPAhBQFvByUoLhZfyBT_gAkjhglHVzWMbYOaLtIPDnwVS_imk50j8QNX5_LlOC0s_JnFyga0KevzNugR2nJuPVQMt6378RjQmUOpZBBVDh7-9b7_pOCI8VJwiI9fDpFmmb_w0MTYnWXBjrfTXWGNTnzMTkr3ddv8Ny2T1N-aww_hxWn__4_2AgRKicsGl5AqGpo0obA4_AjtZ1uK6MWCudUm8OnD9dK8zzpdZ4Ro0VQTOSrkHlm5Q7cUWnsfQ29nnS5K4jLT9o5aSZhLZ0b9arLdBBMODIe90L1GCxKGfOGBkeUI7aDkanj6qpLdyx41PWkgRlnNuLflEvwCEMwn7XNgsMNllRwR_7EMJj_nUG-R3nKc0OOrwGd29OW_vnltYKKX26WEVptwBrY-6m2V0NlSG839kZ9qpa3O8LwxVEbW28DZi2L8Wd6ZQfTrcUAAqRJ2f3AnwhfEHQNOoM5WcdKefDG6q5Yjt7C6CwzQStRQ4z6OuXFLMn-erx69hDbHWIATwGW3FTdQta4YN8OoPW_432B7547rg6Ibf5wj770OsVwerDqMgXJh0XkcGY7xPJSZq5v2albE2TLcAwf1ti32ylyLmWLJq0wJQUDiWK8E1sVm6yf3bg6K2XmF9c49-3uOEB-A-3SN3XC17lRmMwGVLbolKFcuOPnvZ-05VAqdqOlf_CJd7UE6kzW1t-n3t__ka-yXSnQeKyUz3zhNrulwLdbXShJMpXQ9kvBRj3RLCJ0ybE2z-DZ1Cjj4VofZeZRbS5o8EXWWC2Y7UddQ24BN63RLw1QrPSNlw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 40ms
39ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WK7VXJJE7Q&gtm=45je3960&_p=200453868&cid=2001803934.1694128619&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1694128619&sct=1&seg=0&dl=https%3A%2F%2Fwww.weego365.live%2F&dt=Weego%20365&en=scroll&epn.percent_scrolled=90&_et=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WK7VXJJE7Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.weego365.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Sep 2023 23:17:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.weego365.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.weego365.live/	1970-01-21 00:11:28	Name: _ga Value: GA1.1.2001803934.1694128619
.weego365.live/	1970-01-21 00:11:28	Name: _ga_WK7VXJJE7Q Value: GS1.1.1694128619.1.0.1694128619.0.0.0
.weego365.live/	1970-01-20 23:57:04	Name: __gads Value: ID=1534d8010b7bf535-2296099169de0069:T=1694128619:RT=1694128619:S=ALNI_Ma4Xo1w4EoJe4F239aWEt-ZObBB2A
.weego365.live/	1970-01-20 23:57:04	Name: __gpi Value: UID=00000c7026585008:T=1694128619:RT=1694128619:S=ALNI_Mb_iXZoVeTkor4l6W7nOud_5Sp0gw
.doubleclick.net/	1970-01-20 23:57:04	Name: IDE Value: AHWqTUk4ojILKiuoxCwbk1uEiLXCI_CERPrrDoGUwsjVAZkGc56qrzQZejJRw-nZx-w
.doubleclick.net/	1970-01-20 14:35:32	Name: DSID Value: NO_DATA
.googleadservices.com/	1970-01-20 16:45:04	Name: ar_debug Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230906/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-8263014913054740&fa=3&ifi=7&uci=a!7&btvi=4&xpc=yveHiNQiTT&p=https%3A//www.weego365.live Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.anubis-web.com
blogger.googleusercontent.com
cdn.statically.io
dev.anubis-web.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
host.anubis-web.com
i.imgur.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
stad.yalla-shoots.io
tpc.googlesyndication.com
translate.google.com
translate.googleapis.com
www.blogger.com
www.fontstatic.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.mwaqet.net
www.weego365.live
142.250.184.226
146.75.116.193
185.244.36.136
2001:4860:4802:32::36
2606:4700:3033::ac43:d26a
2606:4700:3035::6815:1ccc
2a00:1450:4001:803::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2013
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2009
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a04:4e42:200::347
2a06:98c1:3120::3
2a06:98c1:3121::3
083c5bf6958d73cf61cc8f18962943cb4bc2858252dbc883aee0da6602c9e3d0
08c8f5a2ee1810eea3fcd85815e88f15d6a2e3f147b7949468a015bd24d9e340
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
09f34e4793ffcb7badb683e956877bce7f781fb4bdd0d47826b9c3fc9fbd8994
0b5e1d37b0f0ad51236e6065493dbc90713a019ae36a57a7d7b1caeb110aa188
0bb0abeb989026d763ba5d4b83848a5ec14f6dc894bb1e25c7104b26d2a2bb4e
0f376847181fad6d0512651bdb84b450847f5238cfadc631f376bdee0f765363
0f70902c95431503d79d51844e829d5fb6b011af5811fad8d828e0e725d99721
102f0b14ef11018f9ad5db887dd40ee5cf21f64dd6c20405b3c9f23395ab81af
15efd616a12ec9db8a03a05228105267a5a6b20fa0aed22f642ad81d0c98a02b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18c34d7fc74fccc151584d8616c24079e60dc5506a015d85c77e92646e74fa75
195b91d89b2c7a3d903ba8ba06d4dff570ab026d51a34bf618a595f6bada9529
1a58c48f70825f344c8dec7770b1ddc8b1b332c04ae93dc312fc5e6c9e7a9a10
1a6f4f68fdea10f9ae1d3c1d858fb2dc4e361528290d4c3a9a3404db3f6afbef
1def24417ef158ca2a4c4fba0564c48c0c6524c318986126565c901b98bde661
2218cb4654ddc8f6734f26342bf23f60d001993dd6bad7617b62e2fb85c40239
22abec37f7e1656ae76c9cd252690ea5376c3f81ec0c6a9534e6452d8de3521c
28eb6f84acb718b1f77a6cfee178f7a6526789a948789a3b18fb38696b43e29e
29c23b443c67d71b7d4cce3ab83674fa7670afeb285fae45a6d9498be7b36988
2c890322a41460ed4d30c863682788928bfd8c8e1330fcda6baaddc539d51745
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d
323b1f66ec4b55534790e19f078cb2140951e97fdc214fd7d5808a3095013162
34aab8940b0ffb940e57f76af9838fee0b4c19b9874ad0f66be9266fd3516e36
370c8cdb456b23d0d6e1fe3fb1b4793edf0d59e14b496f8a842e979021dd009a
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3be7051ca7a21a54c17dcae7438005e0b77a8607e90022a4f48e9fe370ba533b
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
41b918153c89c55ae0ddf84621af1f0e597759507a454f8c45285fa9a9a87a49
453a980367e2c76aacb9c48ddab4f0732175bd0f2aefc257cfaa75dfb4dc2ae2
46b5be1bac36cf3d7600e24ec108d29542c12663b984751538a68650027947f0
4772f6ef2b349725eb4cd8d3fd882f9dd33616e1c61072edc1d9c10af92f0448
4cabfee6c6141d3fc659debc8da21c5ebc92f0a94010ce1cff45284f37de5e15
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4ebedd770e867f15962b2588c915f6ec1b84e04c797ee737db762bfc4c7b9476
536779ca265d15c4e66f8bfe83f3bd1bc15065e079785aefc752b3a9475856a9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57e12d2442f0177bee5efa8ff51e8d714baf6a075b3bce5d9d5e32a0e2e9a02f
58d91f7026d295b222b07b8bd4e9405ce289b7ba5e2324813b9d8bb51d1991cf
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d10a7415f5966f413d4c32f594f31f52171c13f36715dc8f3e84598bb3a9a58
5d10eeed2e36c786b1192705557a4f72268e9c579c5d57c6c568f722bb6c5891
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62760f0255cae1557db38607abb8a476ef892f4feff86cb4a5d0c1cb0778ea32
629b91eea42ad3fd2cdbd95f04cf4bb4dd50ab42a480259f9c5758c02e58d863
62f6cc0d7d2c7df1d698f6a61bcaca3a720d25222e7c54eb8ec0a6a9d40b0aa9
63c4082ba82a71ee882ea8b2d38727dda4bc8e4a3789d98b8663e5e501e6dade
63ff614373b9f318378b7a1f83a321aa90379fe9d6b2d7fff32edf1f5c27eb51
64df679da0a58c4ef24a31c9d23a35f7540024ec3a2a994abc1a9e3714d19f1c
6be1cc006c9757f06273e2c06d559901238c524dfa1b151d6b93905c1ce1b7ac
6d0d2cabb3f6f8dcc13db23c33ec038e3b2a4d6a5ea0553c4dcaa32f8035e57b
6e5fe8221d8c619e027a1361385ed3dfad74b776ceefe6c7d8a9c495490bf9e1
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
728e579ab5497a196186aa6ddecabef043f03477dac92aa62b6f16197795a5d2
7680a1c109a61aaf36a801b60a3584201907da4d93fe361ff0cb2af8ab3b1404
773d39d817342d38ff8203ede93c2280d9f4e6cbeac425fe09bdb7decddc65aa
77981216dc1330ef5848e4266de28b06df5a1bcbc623067a690f970d68b337ad
7867828f2146c09815d9baf1a9f606c4d349bed53ef6d98775aadefb4acb17f1
79e29aefd3de350b683a5a47f6bb28d97d2356b7f2d3c71609e381b4c9e52d81
7a62e1010317bc1399a4710b6062828e58137c792bffc6aaec5f1e5d5d865c97
83ab1986e18d076b5d12411e10352a2268cb12927b024dff737dab39e9bdbb11
88769523ca94fa585dfc474250177392f96d4bba949af71b1d515fc843aa6d6d
8e216ef6426028ff54f8706b86c8ea7243a5cdbecbbbcf72ecac62b5a8541c0b
8e61ee67aded4193a7b7d9da8f685bcc9be9b374f5947f023542411ec094c784
8eeac0c568551c6210ad00d9c682d66360f72815789896676acb65cf645381f5
953b4b72f673971bcccdd71be36e41e3eb04b4bac604fe9a83a6dcb1179c2337
97b47c58e662804749691df086e253e424ffe0b8e6f9a976ff26fe58a29aba8b
97e26e29a2f8ac00908991d673c915e86db35a6093615b380b2a2e20e477211b
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a54980a3e86d82600a56306038bf53c1db0adaa1960a3f94ab173cb99ada7e3
9ae4d5a603e84a35fd7e7befbf0a51cc8afffc60753a7d6a23c7086c8f425961
9b12338f72a0ca5504c4df4d8024bfa6868b7445ca36ebf0457b990fc9647ff4
9b9ef562e3ee79fedace602db6fc35cef87944dcddfe14d927342eae50e522de
9fcc964bb0d817789bb07354ee4543bb052c181f8b6bba877c7a041fa18acf20
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a0eda4cec4632f9fb08418ba565380acae7551a8939f1250f119f47d48cf959c
a20e91d980226e50c3a10ba4b648d9511596d799cbc189e1654611b9ee0ede95
a584b88211de5abf3764f81397ffd690edc8716f6c1a26863f71f115a51e3d65
a79acec595882303736d3005e588ec2b5feec7456f5477108cc6ae26686ec4bf
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f
b1a63c458dfd7a8d50403693bc65d7189d2cb5e10477e1d6a79ad98a1abadfc7
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
bef43c6eb0191b3ab578e28739a8c52988c01231132067c9662f11aa576a3150
bfba98b42a2248873541a172480c12673f6e9d0fdb3a6aecce8423c51110c0a7
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
c8ef4bda7fca6a344c96b99b34306bf6f04573d59236a2bcd33c7bc20eb2a354
c97f923f1089936ddf9daafe81de04b3dbd65a98506e0f314cdeae26496a9ff0
ce202af69add6c10600a4b5f214823d944f040976c8ab9a6e1fb40b0fcd6abaa
d0b550b35fec37801d0531f70902f5f4fa8274b84653a3ed836461dda54c1283
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54
d748f33f8b08a76eb8eef0c7a037adc9bba1a3a3b3cf4a3d286092003c3d7384
d9e508e923c9773f21cc40cf6dd9931ceed90f0696cb33fb05ca0c4a77a861e9
da18b8ac3dfe16f1cfee1cea7fdae2ac97f78da067f21eb9bd54503a359e337d
e0e719d4f88ae16fd6da7e43a944b1274f27b8c66dd436c62bb70f8162615c7a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e795abc195f42f9e6012f10e6324807f5192601fb70b2482eecf06abd7d31711
ed3176bf09defd32dd93789f648bac10e423d908c12f622d87648198846cbd6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f057f2ea50996360cb788c5fc87da25674f5a3b48dc1d549440ae68817597415
f21db9aa47c032d89f1a2f02869223fb2d622fa2e8cd88d42db81f21e2386051
f2cbe5826edd81dcac7bfb1cb1027304e1211984a5d983526e9666ab686ed676
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f70d6c2f7dd66ea25be0ac27dbc5b0318851f1222b9fbe934a70d5719af408e4
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f9d0e41f1e324900de704d2c0eef0618885aac645cb406f4f632638c9da1bec7
fa60d596beb413ebdcbb8d369f3eee17249c3e8a154baca48c45f17c581c0c96
fc1b4d101e467b02964e33e917b4e78445516176c6299e6643deca63207f9344

www.weego365.live Open in urlscan Pro 2a00:1450:4001:80e::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

193 Requests

88 %HTTPS

87 %IPv6

18 Domains

25 Subdomains

24 IPs

3 Countries

5218 kBTransfer

9412 kBSize

7 Cookies

2 Outgoing links

Redirected requests

193 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.weego365.live Open in urlscan Pro
2a00:1450:4001:80e::2013 Public Scan

Screenshot
Live screenshot

Full Image

193
Requests

88 %
HTTPS

87 %
IPv6

18
Domains

25
Subdomains

24
IPs

3
Countries

5218 kB
Transfer

9412 kB
Size

7
Cookies

193 HTTP transactions
14 data transactions