wedonweb.com Open in urlscan Pro
2606:4700:20::681a:ff4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wedonweb.com/
Effective URL:
https://wedonweb.com/
Submission: On December 01 via api (December 1st 2023, 4:32:57 am UTC) from US — Scanned from DE

Summary HTTP 120 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 17 domains to perform 120 HTTP transactions. The main IP is 2606:4700:20::681a:ff4, located in United States and belongs to CLOUDFLARENET, US. The main domain is wedonweb.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 30th 2023. Valid for: a year.

This is the only time wedonweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:4a63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 14	2606:4700:20:... 2606:4700:20::681a:ff4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2 13	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	99.81.22.6 99.81.22.6	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223f:2200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2600:1f18:1ac... 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2	14618 (AMAZON-AES) (AMAZON-AES)
120	26

1 2606:4700:20::ac43:4a63 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wedonweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::681a:ff4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wedonweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
omg.wedonweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.20 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.22.6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-22-6.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:2200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	457 KB
20	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	149 KB
15	wedonweb.com 2 redirects wedonweb.com omg.wedonweb.com	170 KB
13	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	168 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	102 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	191 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
4	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	191 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	29 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	49 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6765	408 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	84 KB
120	17

	Domain	Requested by
22	pagead2.googlesyndication.com	wedonweb.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
16	tpc.googlesyndication.com	googleads.g.doubleclick.net wedonweb.com tpc.googlesyndication.com pagead2.googlesyndication.com
13	s0.2mdn.net	wedonweb.com s0.2mdn.net
13	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
9	omg.wedonweb.com	wedonweb.com omg.wedonweb.com
7	dt.adsafeprotected.com	googleads.g.doubleclick.net
6	wedonweb.com	2 redirects wedonweb.com static.cloudflareinsights.com
4	www.googleadservices.com	wedonweb.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	wedonweb.com googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	static.adsafeprotected.com	googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	s0.2mdn.net
2	googleads4.g.doubleclick.net	wedonweb.com
2	fw.adsafeprotected.com	1 redirects wedonweb.com
2	cdn.jsdelivr.net	wedonweb.com
1	www.google.de	wedonweb.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.cloudflareinsights.com	wedonweb.com
1	www.googletagmanager.com	wedonweb.com
120	26

This site contains links to these domains. Also see Links.

Domain
www.tiktok.com
instagram.com
twitter.com
www.pinterest.com
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-30` - `2024-03-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://wedonweb.com/
Frame ID: 36A57868F95653D6312E91BD3AA07378
Requests: 28 HTTP requests in this frame

Frame: https://wedonweb.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: 94E14C11F6A23178081257145B6C0450
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: EA576B75E17AA699D041B210123FEB92
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&adk=1812271804&adf=3025194257&lmt=1701405172&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172132&bpp=4&bdt=374&idt=275&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=486860716249&frm=20&pv=2&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=293
Frame ID: D655C42F37BD86117DD9010C377DDB00
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=100&slotname=8688504659&adk=1329324074&adf=2178560903&pi=t.ma~as.8688504659&w=300&lmt=1701405172&format=300x100&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172136&bpp=1&bdt=379&idt=297&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=302
Frame ID: 9792A2BA8C3C443F8E5B1FD5AA1BF59E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=200&slotname=6503186836&adk=2384634023&adf=4079769472&pi=t.ma~as.6503186836&w=300&lmt=1701405172&format=300x200&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172137&bpp=1&bdt=380&idt=303&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x100&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=812&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=308
Frame ID: 9B3C27C64DB9C211A73AD56BFDA93160
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D23CA45233E3DE0E5A774BE2D1C9BF90
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNqU3_QBMAE&v=APEucNWJS5ijw-9EkZPi-VPOsh4pi7q53v-zfHnXQcEpQxlW5WQhbRE-Tjurkq8Gyqh3y2miWK5OHK43Fv1V2cnU_pr7d-zn84Jjtb964GPTjDZq-JtoBgUSIUd9NShP7xeegwIvBeguxyrxy46kee5p1cMGpD-69Qm6y6ZCUJq3_2mNRWWxXe0
Frame ID: 85F4E457C6821591D491DFD94DA131DA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 8510D7002EED1AB94CFE745235A64524
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 0BB4B849E519E81BE7B19DFB508E8383
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8E2B5F8A1FD76BD9C025C9B162F6CE8A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 635AFD48E672021A4F33AF62745FC746
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
Frame ID: EF536DDF02EB675CDE64BA004F355479
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 18169D83371C946923168A1F313EDE5F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 921C8A9B8FFDA19C596CD41471A00D2F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 94E70CB7B8753AF886F8A64C35E4796C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 12FB1D3A0600B793410D3FDBF19EFE80
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D0502EAD1BCF90943EA27E734B8A28FF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get Married Online! - Virtual weddings for fun by WEDonWEB.

Page URL History Show full URLs

http://wedonweb.com/ HTTP 301
https://wedonweb.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

120
Requests

93 %
HTTPS

77 %
IPv6

17
Domains

26
Subdomains

26
IPs

5
Countries

1602 kB
Transfer

3947 kB
Size

16
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tiktok.com/@wedonweb/

Search URL Search Domain Scan URL

URL: https://instagram.com/wedonweb_official

Search URL Search Domain Scan URL

URL: https://twitter.com/wedonweb

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/wedonweb/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wedonweb/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wedonweb.com/ HTTP 301
https://wedonweb.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://wedonweb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://wedonweb.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Request Chain 46

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4JwJ_ETNTqkGZ6F4a8pvs&google_cver=1

Request Chain 48

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWlh9eNhcF2NV7Q0POVpoQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4JwJ_ETNTqkGZ6F4a8pvs&google_cver=1

Request Chain 49

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDUAHRXz9KiYz-wGCMsXUy4&google_cver=1

Request Chain 50

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5MjgxNTgwODc3OTE1MTY3MQ%3D%3D

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 79

https://googleads.g.doubleclick.net/pagead/adview?ai=CQ03E9GFpZdPRHYin3gOfspnQDM2R-b902r-R85cS3NkeEAEgmpv2FWCVgoCAsAegAZfRuZsDyAEBqQL0O5NAUkSyPqgDAcgDywSqBMQBT9D0wHTsp6ZIJ96sxmdnvdvvIAtDzdPaLK_Epl-5tEod950gERcaK9V4IfSVl6BkyuukBlkuQ-u3i1e7XybmZV0j7jRSTueXYSkmVZhlpsnr1Iy9pRFxo-WRRMOJ3SOYA-oGcIkWClxbxLKISPwV9gm999GdAaln3xl9sVEa0Slt4RLWymP5so1ina3LooxWu28OpFr60L6ZuBhz3dhvEnXRZeuIp26KBitzccDp9hIvACc01Ym1-WAZWJphi-uPkmivV8AE24bKz8gEiAXIibjUQpIFBAgEGAGSBQQIBRgEgAfRrsZkqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQycgR0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliK9rKXtO2CA5oJVGh0dHBzOi8vd3d3LmdpLWRlLmNvbS9lbi9zcG90bGlnaHQvZmluYW5jaWFsLXBsYXRmb3Jtcy9ibnBsLWFuLW9wcG9ydHVuaXR5LWZvci1iYW5rc4AKAcgLAaIMHCoaChjktLEC7rWxArW4sQLktLEC7rWxAru7sQLYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItODc5NzY5ODEwODYwNzMwMBgA&sigh=8nEIXl0nkbA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNe8dWKcry5_s74ik6STP-2NtiSMQxMNmdzL29SsR-i9TJOg5uJP6_93dFUJKR9SAq9WLdmQuysOJa0ZnefwF0AH8r5P6FMgy6TRgB&template_id=5028&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221748029919410020223%22,%22debug_reporting%22:true,%22destination%22:%22https://gi-de.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22862873751%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223124817017188690369%22}&andc=true

Request Chain 95

https://googleads.g.doubleclick.net/pagead/adview?ai=CYamb9GFpZZilHLGpjuwPirWY4A2czvi_dLClr6ekEtzZHhABIJqb9hVglYKAgLAHoAGX0bmbA8gBAakC9DuTQFJEsj6oAwHIA8sEqgS8AU_Q0Y8w5LD4tb0duGWoH9_qgEOy221SoBYCEw2n8XURzf0cjq87QVZ0PN91IHgxiWgB4uzvNZx_C50GwaLem2bAHDl2uwd3JJKKz3c5l6QsRXKJAV2S6lrXoIJOxmerC3Otqv1QnNvg6Gmkoq3jDXmIfTVUBrPG4AJLy3DkMbGII520W_1j819kqdULDjbYB7dgXsGqeX-yaCjDV68gdwBCUam5iF0F3u4j-94P451rsVkz-wu_jTx9UDtIwASJ443bwgSIBYP288hCkgUECAQYAZIFBAgFGASAB9GuxmSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBD69E7SCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WOnIsZe07YIDmgloaHR0cHM6Ly93d3cuZ2ktZGUuY29tL2VuL3Nwb3RsaWdodC9kaWdpdGFsLXNlY3VyaXR5L2hvdy1jbG91ZC1jb21wdXRpbmctYWRkcmVzc2VzLWhlYWx0aGNhcmVzLWRhdGEtbmVlZHOACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItODc5NzY5ODEwODYwNzMwMBgA&sigh=VO3ctj46Svk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNjETxyj1dog-EPlCJZpMcJZelNcdVF-3QkmfozLRbh9eXFVl0ZbuX5j7pbH0fBrXeQcYNBBkJ_na6QKOSX-u3i0VrSPSZ5ZohCyIYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212592493374295280098%22,%22debug_reporting%22:true,%22destination%22:%22https://gi-de.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22862873751%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227651782399593627681%22}&andc=true

Request Chain 96

https://fw.adsafeprotected.com/rfw/st/1627455/73523884/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-8797698108607300&ias_chanId=1&ias_placementId=20492285957&bidurl=https://wedonweb.com/&ias_dealId=&xsId=ABAjH0h5eWhTZIJ44Vjwpah7osO7&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0h5eWhTZIJ44Vjwpah7osO7&adContainerId=brand_safety_9WFpZcqtDIy89u8PibWJ8Ao&cbFunctionName=goog_wrapCb_9WFpZcqtDIy89u8PibWJ8Ao&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwedonweb.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwedonweb.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8797698108607300%26output%3Dhtml%26h%3D100%26slotname%3D8688504659%26adk%3D1329324074%26adf%3D2178560903%26pi%3Dt.ma~as.8688504659%26w%3D300%26lmt%3D1701405172%26format%3D300x100%26url%3Dhttps%253A%252F%252Fwedonweb.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701405172136%26bpp%3D1%26bdt%3D379%26idt%3D297%26shv%3Dr20231129%26mjsv%3Dm202311150101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D486860716249%26frm%3D20%26pv%3D1%26ga_vid%3D1178966804.1701405172%26ga_sid%3D1701405172%26ga_hid%3D1037978500%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D512%26ady%3D684%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C42531706%252C44809316%252C31078297%252C44806139%252C44807763%252C44808148%252C44808284%252C44809072%26oid%3D2%26pvsid%3D890380930197348%26tmod%3D1986958678%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D302&adsafe_type=bed&adsafe_jsinfo=,id:d890162d-c2a1-3ef1-b639-c89ebc04a094,c:vwjm6z,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-tvg8m,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tX9UIz2+11%7C12%7C13%7C141*.1627455-73523884%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:141*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:27,oid:b1605a75-9002-11ee-bd04-dec07e1413e8,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?xsId=ABAjH0h5eWhTZIJ44Vjwpah7osO7&ias_xappb=&adContainerId=brand_safety_9WFpZcqtDIy89u8PibWJ8Ao&cbFunctionName=goog_wrapCb_9WFpZcqtDIy89u8PibWJ8Ao&true_pb=

120 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
wedonweb.com/
Redirect Chain

http://wedonweb.com/
https://wedonweb.com/

8 KB
4 KB

825ms
739ms

Document
text/html

2606:4700:20::681a:ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b42672ac36cbea9c5e203367baeeda0dad071de392e1b60e2156fd19819705cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 82e89bcefaa43674-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 04:32:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lxt4A6QDvcVbzrPQ6m38VYeo55z%2FIVrAqo8pNgbqSsccuxWqIruTygC38bZcXLmue2n%2BP%2FeNPDgAo%2FhZ9Lq6UMJ04JjYMtl39YlEccd3BJnTonjYZ7sqKVT5UnA%2FKH7WSxwunD4gRq8%2BOw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-robots-tag: noarchive
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 82e89bce1dafbbda-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 01 Dec 2023 04:32:50 GMT
Expires: Fri, 01 Dec 2023 05:32:50 GMT
Location: https://wedonweb.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzA%2BuhEvIqwm7%2FuULWObsXyxPtuk1UBN%2B3IIy43YbWbtV7VWzQC%2Bp%2B6%2BKo5iqUh%2FV4sF8i1OwA8hxKBGyq8VFREE9z2cR6E9Ub%2BDlejALcDFVNlbsySL6qrNFP3E4rrCRY2gOLp70c1Fgw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
25 KB 131ms
50ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wedonweb.com/
Origin: https://wedonweb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 251232
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230118-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJgNZSmowkhJYc561Zy88tYwNizQkbg9RLYzIZUAoU2zYM8yBIivlnbXSNnG%2BQbjrv1nRY9ybDNCmfHQFic2OSQk%2BSLfWFMuIi%2B1vMnRfE1PVHCMHpZfh6UKD8QWgfcIgh8gxFVS%2BPpJ0Tv4yc0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82e89bd41ab065a6-FRA

GET
H2 200 wedonweb.css
omg.wedonweb.com/css/ 3 KB
2 KB 78ms
52ms Stylesheet
text/css 2606:4700:20::681a:ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omg.wedonweb.com/css/wedonweb.css

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7b00f50ad015948606e45be27aa33609fdb9615afba48358cb9cfd86711da83

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000006b4cd067-0065465690-522b2cff-sfo2a
age: 101873
cf-polished: origSize=3518
x-envoy-upstream-healthchecked-cluster
cf-bgj: minify
last-modified: Sun, 16 Jan 2022 00:12:13 GMT
server: cloudflare
etag: W/"602e386ffa6dfb23506aace5397e2728"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1699452267.dop229.fr8.t,1699452267.cds128.fr8.shn,1699452267.dop229.fr8.t,1699452267.cds159.fr8.c
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQrqbS5SJjix%2FSxkGREWves1IihcJYaJHy0IDK3BA4sq1Bl4J9HTuUpRL3qWsUnZLUd44cm7bCFIzSjibDgXoWVUy00pMjcRQK%2Fnk5N1yWhg4Bnk39po7zo%2F7iRJucxr%2FyUWgWjXAkRBpLcsoPI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=261029
x-rgw-object-type: Normal
cf-ray: 82e89bd3cdfe3674-FRA
expires: Mon, 04 Dec 2023 05:03:20 GMT

GET
H2 200 css
fonts.googleapis.com/ 782 B
803 B 134ms
47ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Clicker+Script

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f806155401e78aaeec86ad493af62328a69d5186cf5d0c508a1fcaf459a64c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 04:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 04:32:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 04:32:51 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
860 B 135ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,800

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

436e1554c80aa4a1b2712f349598f422106c2fb4d6433b08f1df96446f7a5ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 04:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 03:56:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 04:32:51 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
84 KB 148ms
56ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-W4WYHCCXMC

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

009bdeb355f5cf4af8d7642dabb033d2878540b9ee163f18c6210a27e5a7b977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85132
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Dec 2023 04:32:52 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 150ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8797698108607300

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2dd58417d0565472f035946ac6652822e44abd52c0cb027845f1b414cb19ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wedonweb.com/
Origin: https://wedonweb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52880
x-xss-protection: 0
server: cafe
etag: 7970140005400834765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 04:32:52 GMT

GET
H2 200 wedonweb-logo.png
omg.wedonweb.com/images/ 24 KB
25 KB 76ms
50ms Image
image/png 2606:4700:20::681a:ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omg.wedonweb.com/images/wedonweb-logo.png

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efa0efccd4e871361e09b65207c06e36126c749b9f143e04ba727a98160af619

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx0000000000000830f4b04-006557cfe0-522b2d6d-sfo2a
age: 143705
x-envoy-upstream-healthchecked-cluster
content-length: 24894
last-modified: Fri, 31 Jul 2020 10:59:01 GMT
server: cloudflare
etag: "08fc65df5393def984d861319098b5c0"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9ItJzGQWc%2BUhprTHDxNbJ1AHGHFLrYBYwA6pU%2BKzvvIvb%2BKzfiE315W3jQiREA%2Bx41dBPSoupXB0uFQyScXO952VVK86egSLGtGIafWKMnIjaJ3FwlINd7SB43gOnc6KvCL92%2Brt8tGJfYdOYw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 7beb26b2-7ac6-425a-9107-443a470e577b
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 82e89bd3cdff3674-FRA
expires: Fri, 08 Dec 2023 04:32:51 GMT

GET
H2 200 birds_icon.png
omg.wedonweb.com/images/ 878 B
1 KB 107ms
81ms Image
image/png 2606:4700:20::681a:ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omg.wedonweb.com/images/birds_icon.png

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2bc67db5c848026757f093ae8b52af31a5a76b9baff1cf7df7f6648f1acdc8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000083120dd9-006557d1e7-522b2d1d-sfo2a
x-envoy-upstream-healthchecked-cluster
content-length: 878
last-modified: Fri, 31 Jul 2020 10:59:06 GMT
server: cloudflare
etag: "10d10fc08b0aafde39f855432b27e418"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41NsJfAkpURn5c5jTABFJnx572yVsVFJwX%2FGsA%2BX5P28AcllMcIws998QIV2Ijd1MVa17XOSo9nk1t1kI1sZXLf10O7PVm1h6gIJclpCOVz6Cw7ODecFA2JJJsXyrit2LPZlnCc23hmd4P4A6Wg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 7beb26b2-7ac6-425a-9107-443a470e577b
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 82e89bd3ce003674-FRA
expires: Fri, 08 Dec 2023 04:32:51 GMT

GET
H2 200 tik-tok.png
omg.wedonweb.com/images/social/ 2 KB
2 KB 49ms
49ms Image
image/png 2606:4700:20::681a:ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omg.wedonweb.com/images/social/tik-tok.png

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

826acacd017df84b19b2ab471476280947c4eb0366b4ba0c323bf88c8ffbffbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000006d6c7981-006547d091-522b2d4a-sfo2a
age: 51354
x-envoy-upstream-healthchecked-cluster
content-length: 1549
last-modified: Fri, 31 Jul 2020 10:59:06 GMT
server: cloudflare
etag: "0b1d8dfba42b4450fce97fa3d165e96e"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1699625269.dop238.fr8.t,1699625269.cds056.fr8.shn,1699625269.dop238.fr8.t,1699625269.cds323.fr8.c
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9YV8FLKzS%2FVsvM2pn2SD9h13BaTV2sjB9a1Mny07jIdArAmR%2Fels4T61JCY0cbmbXNqrXEa8JEMFOjhTdX1PAy3Ckg8%2FyUP9lRDUjxHc%2F2ZoiocfrtQzsrD6OszJhoXoY2aBWEVpZJ57f460JE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=259200
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 82e89bd41e2e3674-FRA
expires: Mon, 04 Dec 2023 04:32:51 GMT

GET
H2 200 instagram.png
omg.wedonweb.com/images/social/ 2 KB
2 KB 51ms
51ms Image
image/png 2606:4700:20::681a:ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omg.wedonweb.com/images/social/instagram.png

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

754573d61b9aa6ffbcc8dfdd9e9176bf7244f7a3799d5734d87dca8d1c602871

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000000000000083120d2f-006557d1e8-522b2d4a-sfo2a
age: 143703
x-envoy-upstream-healthchecked-cluster
content-length: 1832
last-modified: Fri, 31 Jul 2020 10:59:09 GMT
server: cloudflare
etag: "3a54db47bfa263bc9063c08e0909340c"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zk3mJiL%2BLxBZs16HO3yOp%2BwS4y07GUnm6RtxGicD6YhHBoQmonqJPAItwk3%2Brxht0cez3I%2Fe7tG3arHRwIJ7AEvDbmwJujgvTXxLCcKPODAEFRr4SniaOSFuSOGoj3FveomQexh0I%2BkVOx9ksBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-do-cdn-uuid: 7beb26b2-7ac6-425a-9107-443a470e577b
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 82e89bd44e4e3674-FRA
expires: Fri, 08 Dec 2023 04:32:51 GMT

GET
H2 200 twitter.png
omg.wedonweb.com/images/social/ 947 B
1 KB 50ms
50ms Image
image/png 2606:4700:20::681a:ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omg.wedonweb.com/images/social/twitter.png

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

514ae53c0154c406b5d496d8d052e9901ca72d3f1879687b0040b533b2fa8042

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000006bfb61c9-006546cd09-521f6452-sfo2a
age: 143704
x-envoy-upstream-healthchecked-cluster
content-length: 947
last-modified: Fri, 31 Jul 2020 10:59:07 GMT
server: cloudflare
etag: "cfa8e921012682920e2aec90c74a1fe0"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1699452268.dop137.fr8.t,1699452268.cds101.fr8.hn,1699452268.cds211.fr8.c
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3GvKKLRPZS4OsP4BvIZJ%2BBm0vNsX3z%2BfCfweULiSSpZj1f8Ll9TObjxReiFGsPYTQj%2BIYSwNl0k6NURfNk8jnczBVQmISnUyzNKLPr9j58yQRl3ao3Psqjz3DdLb584O3H0u%2BuQmtn9AIuMmPs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=291357
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 82e89bd46e603674-FRA
expires: Mon, 04 Dec 2023 13:28:48 GMT

GET
H2 200 pinterest.png
omg.wedonweb.com/images/social/ 1 KB
2 KB 98ms
93ms Image
image/png 2606:4700:20::681a:ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omg.wedonweb.com/images/social/pinterest.png

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ab6f04764ac69b358310373c6637991395ff52b74cf39f2e586838ed6fb1601

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000006b858c0d-0065467c0e-522b2d6d-sfo2a
x-envoy-upstream-healthchecked-cluster
content-length: 1073
last-modified: Fri, 31 Jul 2020 10:59:09 GMT
server: cloudflare
etag: "1b6c5faaa1a0712ef88e68fefea37da9"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1699694211.dop124.fr8.t,1699694211.cds339.fr8.shn,1699694211.dop124.fr8.t,1699694211.cds168.fr8.c
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BM20ZJI%2BWp6Fl%2Bn67htquVxCIfKv%2BEYESHQWq%2FHz9xGB3h4c9xw77fojLtams0qDBg12d62Lscl89X5sPgeaqHDFu8uSL%2BHTUd9hLi%2F9B2lNxPmPojZRbyDhkbPX8JWjQNL0Li118V8eWIqmI5g%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=259200
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 82e89bd48e6c3674-FRA
expires: Mon, 04 Dec 2023 04:32:51 GMT

GET
H2 200 facebook.png
omg.wedonweb.com/images/social/ 715 B
1 KB 55ms
51ms Image
image/png 2606:4700:20::681a:ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omg.wedonweb.com/images/social/facebook.png

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2f824257da294a8d83cb79379fa6fcf125d1fbf8ab134ab8e0ef96c0403bee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000006cacce55-0065474dff-522b2d40-sfo2a
age: 51353
x-envoy-upstream-healthchecked-cluster
content-length: 715
last-modified: Fri, 31 Jul 2020 10:59:07 GMT
server: cloudflare
etag: "a703ddc15ea6bf2b4c782d87fb2e932d"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw: 1699507844.dop212.fr8.t,1699507844.cds217.fr8.shn,1699507844.dop212.fr8.t,1699507844.cds204.fr8.c
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=slRnMxaQqn5qYF3ZGfVSJPuOcaXHzapKMRD7bTtudkfpUJ0QW178JhZqN2VkVlrqkXfui%2FkVuZ6jy77vjQkKiMxkwFgaLTvTrfdCMqz6BWG8RUvNlN%2B8yHqW1hK7YX%2BFETRMj%2F3CG9F2bWZZ288%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=268796
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 82e89bd48e6f3674-FRA
expires: Mon, 04 Dec 2023 07:12:47 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 76 KB
24 KB 52ms
48ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wedonweb.com/
Origin: https://wedonweb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 170534
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230130-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuSpsFXhy6Av9UviatN8CEGKWK7ZY0ttr7DWoAU%2Fumq%2F%2BrGUed%2BCPwwl1B8wtIOPsdHQY%2FC9FUxEaYcUdk6jMeiRI9goJe5%2FXIp0D1as9CvpV1wXcJ2FnWiGHiTQVJEuZefZr60ixf0NUtva0bU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 82e89bd48b0365a6-FRA

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 189ms
91ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: wedonweb.com
URL: https://wedonweb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://wedonweb.com/
Origin: https://wedonweb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:52 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 82e89bd51ec91c79-FRA

GET
H2 200 hp_bg.jpg
omg.wedonweb.com/images/ 123 KB
124 KB 54ms
52ms Image
image/jpeg 2606:4700:20::681a:ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://omg.wedonweb.com/images/hp_bg.jpg

Requested by

Host: omg.wedonweb.com
URL: https://omg.wedonweb.com/css/wedonweb.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6eeb0d31deb06d2e9100f909112f078f24885f6041f8fe1000f61af2bb19dc24

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://omg.wedonweb.com/css/wedonweb.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:51 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx00000000000008312029d-006557d1e8-521f6452-sfo2a
age: 143703
x-envoy-upstream-healthchecked-cluster
content-length: 126341
cf-bgj: h2pri
last-modified: Wed, 29 Dec 2021 06:31:38 GMT
server: cloudflare
etag: "e7663ed379f095e65ddb946aa9415114"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vKZ1MfaLyTbEzdSuG156VA2060Iac4r6NSml7A0FoqFI6MAJ5PPQEQckGIbEzW%2Fvph9B2rmrdT7A5gZbci2R7Ub6j8K0J10BIaTUlEuePxk2JbfWTh%2FoD4xi4kThewvXoPpaTgrlj7J9bqcN9Ds%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-do-cdn-uuid: 7beb26b2-7ac6-425a-9107-443a470e577b
cache-control: public, max-age=604800
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 82e89bd48e713674-FRA
expires: Fri, 08 Dec 2023 04:32:51 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
47 KB 169ms
78ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wedonweb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 36993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:16:19 GMT

GET
H2 200 raxkHiKPvt8CMH6ZWP8PdlEq71rf0Ts.woff2
fonts.gstatic.com/s/clickerscript/v13/ 22 KB
23 KB 131ms
40ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/clickerscript/v13/raxkHiKPvt8CMH6ZWP8PdlEq71rf0Ts.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Clicker+Script

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac5fec123183904e0207319d30845f69a560d4d7f4bb0f20d6262c9300414c7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wedonweb.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 02:30:34 GMT
x-content-type-options: nosniff
age: 525738
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23004
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:30:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 02:30:34 GMT

GET
H2

200

main.js Show response
wedonweb.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame 94E1
Redirect Chain

https://wedonweb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://wedonweb.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

7 KB
4 KB

46ms
45ms

Script
application/javascript

2606:4700:20::681a:ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wedonweb.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Server

2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e9ee05490624a6c9d99fac60d7fb1647935bdaa4ea3eb73f39fc4739a67782

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wbbl4SchcNLGNap%2FTsF28UdKxgd%2BbFPi8aqZvk2NfaEbe3gc8CtnBlhKv346xgX%2BL3VrKc3Wew%2B9Su%2FA4%2FGDskpN7tW2jjiRUCMDO8newc0zaNY%2FI7FSx7OTcwyfoRx%2FIdhfXJ669lk7EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 82e89bd62f883674-FRA

Redirect headers

date: Fri, 01 Dec 2023 04:32:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=waLLmnqicCF2yqWY5CgrD0QPyMPoJ3GEjZ3%2B77f0ekBJ9clWN6Xdc8a0AiMcbrv9ec2QEqRPjaqIlvnBSfm5YuE%2F3ZM9g9WeHv2Y0%2B3E81X9KfUaDfiluOrQfpgl9dFiW4jQP5LoiK8Cqg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 82e89bd5df593674-FRA

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 158ms
78ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8797698108607300&plah=wedonweb.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8797698108607300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07bcffab8f30f388bd61e0b941103b9da01b6c10aa9a6326ad29ab71a5d730df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137282
x-xss-protection: 0
server: cafe
etag: 8499645379199827201
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 04:32:52 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame EA57 9 KB
4 KB 130ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8797698108607300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wedonweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 21:10:45 GMT
etag: 12051592065903069241
expires: Thu, 14 Dec 2023 21:10:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 143ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-W4WYHCCXMC&gtm=45je3bt0v9131351412&_p=1701405171901&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1178966804.1701405172&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1701405172&sct=1&seg=0&dl=https%3A%2F%2Fwedonweb.com%2F&dt=Get%20Married%20Online!%20-%20Virtual%20weddings%20for%20fun%20by%20WEDonWEB.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1571
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W4WYHCCXMC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wedonweb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 147ms
47ms Ping
text/plain 2a00:1450:400c:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-W4WYHCCXMC&cid=1178966804.1701405172&gtm=45je3bt0v9131351412&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-W4WYHCCXMC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wedonweb.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 138ms
49ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-W4WYHCCXMC&cid=1178966804.1701405172&gtm=45je3bt0v9131351412&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1644024533

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 82e89bcefaa43674 Show response
wedonweb.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 94E1 0
451 B 64ms
61ms XHR
text/plain 2606:4700:20::681a:ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wedonweb.com/cdn-cgi/challenge-platform/h/b/jsd/r/82e89bcefaa43674
Requested by: Host: wedonweb.com
URL: https://wedonweb.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Dec 2023 04:32:52 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e89bd778503674-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7SfssRTIqwtrGIm5TccRdw8Iwj8YX25QdIjKynyY%2BGH31BB4Jwi0f8ZP18yoHwh6PC5RKseLdhBeHrB7qMT64J1P9z00hbxPz277k59U3lMx9UE2Rs4hR372Ss%2BkHcJQ2nWA4eT4KElfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D655 161 KB
48 KB 481ms
480ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&adk=1812271804&adf=3025194257&lmt=1701405172&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172132&bpp=4&bdt=374&idt=275&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=486860716249&frm=20&pv=2&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=293

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8797698108607300&plah=wedonweb.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5c054c8016575b91faed5b3204a87da2ca849f9a86c34dc7801360acdcc24a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wedonweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48410
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 04:32:52 GMT
expires: Fri, 01 Dec 2023 04:32:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9792 26 KB
11 KB 550ms
549ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=100&slotname=8688504659&adk=1329324074&adf=2178560903&pi=t.ma~as.8688504659&w=300&lmt=1701405172&format=300x100&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172136&bpp=1&bdt=379&idt=297&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=302

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2288902768c47e71b9938d3f37623c739ad9ecf44435ae719c220a3fd2ab67e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wedonweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10636
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 04:32:52 GMT
expires: Fri, 01 Dec 2023 04:32:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B3C 116 KB
40 KB 507ms
507ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=200&slotname=6503186836&adk=2384634023&adf=4079769472&pi=t.ma~as.6503186836&w=300&lmt=1701405172&format=300x200&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172137&bpp=1&bdt=380&idt=303&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x100&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=812&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=308

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62d72ada13ea750a22288f38ba446837722fb36b66f4d96138339a5114265c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wedonweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40559
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 04:32:52 GMT
expires: Fri, 01 Dec 2023 04:32:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 9B3C 8 KB
841 B 50ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=200&slotname=6503186836&adk=2384634023&adf=4079769472&pi=t.ma~as.6503186836&w=300&lmt=1701405172&format=300x200&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172137&bpp=1&bdt=380&idt=303&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x100&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=812&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=308

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 04:32:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 03:30:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 04:32:52 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

beb58642cdf915ee1bcd6488e7b1ab23630c04f05a8e72a658f03e74defa7201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55848
x-xss-protection: 0
server: cafe
etag: 16506479767335378029
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 04:32:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9B3C 2 KB
876 B 146ms
52ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:59:18 GMT

GET
DATA 200
OK truncated
/ Frame 9B3C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 9B3C 24 KB
9 KB 143ms
78ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:59:18 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D23C 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=200&slotname=6503186836&adk=2384634023&adf=4079769472&pi=t.ma~as.6503186836&w=300&lmt=1701405172&format=300x200&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172137&bpp=1&bdt=380&idt=303&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x100&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=812&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=308
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 04:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9B3C 3 KB
1 KB 114ms
50ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:59:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 9B3C 20 KB
9 KB 103ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:59:18 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B3C 202 KB
64 KB 222ms
118ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 04:32:53 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 9B3C 37 KB
16 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 07:40:28 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 85F4 624 B
246 B 56ms
52ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNqU3_QBMAE&v=APEucNWJS5ijw-9EkZPi-VPOsh4pi7q53v-zfHnXQcEpQxlW5WQhbRE-Tjurkq8Gyqh3y2miWK5OHK43Fv1V2cnU_pr7d-zn84Jjtb964GPTjDZq-JtoBgUSIUd9NShP7xeegwIvBeguxyrxy46kee5p1cMGpD-69Qm6y6ZCUJq3_2mNRWWxXe0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=100&slotname=8688504659&adk=1329324074&adf=2178560903&pi=t.ma~as.8688504659&w=300&lmt=1701405172&format=300x100&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172136&bpp=1&bdt=379&idt=297&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=302

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=100&slotname=8688504659&adk=1329324074&adf=2178560903&pi=t.ma~as.8688504659&w=300&lmt=1701405172&format=300x100&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172136&bpp=1&bdt=379&idt=297&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=302
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 04:32:53 GMT
expires: Fri, 01 Dec 2023 04:32:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8510 89 KB
31 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 01 Dec 2023 04:32:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8510 3 KB
1 KB 128ms
84ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:59:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 8510 20 KB
8 KB 88ms
45ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:59:18 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8510 202 KB
64 KB 131ms
47ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 04:32:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8510 42 B
63 B 75ms
73ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DP6pivhVvRobqYK5KRUJbgoRbp2vSZfc-eCai7jstRwNoBR3zuIVbC_uJdQ5l4cXpmvsnLltGdXYdsIuvn7JG5e48NVo9LOtDJExjGVTFuJMZJL-w

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8510 0
20 B 75ms
73ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8259020287920283726&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 0BB4 9 KB
4 KB 39ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wedonweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 03:54:16 GMT
etag: 12051592065903069241
expires: Fri, 15 Dec 2023 03:54:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D23C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
47ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 04:32:53 GMT
expires: Fri, 01 Dec 2023 04:32:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 04:32:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 85F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4JwJ_ETNTqkGZ6F4a8pvs&google_cver=1

43 B
769 B

55ms
54ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4JwJ_ETNTqkGZ6F4a8pvs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNqU3_QBMAE&v=APEucNWJS5ijw-9EkZPi-VPOsh4pi7q53v-zfHnXQcEpQxlW5WQhbRE-Tjurkq8Gyqh3y2miWK5OHK43Fv1V2cnU_pr7d-zn84Jjtb964GPTjDZq-JtoBgUSIUd9NShP7xeegwIvBeguxyrxy46kee5p1cMGpD-69Qm6y6ZCUJq3_2mNRWWxXe0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xy16fXWNkTzdRkd7iQChr58khq9Ox3YcZRROJSlsbqeJ8kHR%2FeoEhvDXbqhszL8VAu4Rky8esW%2FckpECds4Tu4QbTlmzM2bPDsp8FPRBsjZv3%2BG4W7M0yxuse4ezTlXtPN9RE0z1F1BeOw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82e89bdd2a536a74-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4JwJ_ETNTqkGZ6F4a8pvs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 85F4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWlh9eNhcF2NV7Q0POVpoQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4JwJ_ETNTqkGZ6F4a8pvs&google_cver=1

43 B
829 B

57ms
56ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4JwJ_ETNTqkGZ6F4a8pvs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNqU3_QBMAE&v=APEucNWJS5ijw-9EkZPi-VPOsh4pi7q53v-zfHnXQcEpQxlW5WQhbRE-Tjurkq8Gyqh3y2miWK5OHK43Fv1V2cnU_pr7d-zn84Jjtb964GPTjDZq-JtoBgUSIUd9NShP7xeegwIvBeguxyrxy46kee5p1cMGpD-69Qm6y6ZCUJq3_2mNRWWxXe0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7clJoJDNQ8%2B%2BU0uo2j8wmczSMFqlWmTbxaeCnaMUt0XMSaOGbOX1VUND%2F5m7GBcBzB0KpDDfnUyKBS%2FSCH6ltDmP%2FwcUccXa28MCNYRyVr7aTx4bwRhF5DJL36nW3K0XKhTeHWn3gXx%2B4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82e89bdddafc6a74-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL4JwJ_ETNTqkGZ6F4a8pvs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 85F4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDUAHRXz9KiYz-wGCMsXUy4&google_cver=1

43 B
842 B

73ms
72ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDUAHRXz9KiYz-wGCMsXUy4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGNqU3_QBMAE&v=APEucNWJS5ijw-9EkZPi-VPOsh4pi7q53v-zfHnXQcEpQxlW5WQhbRE-Tjurkq8Gyqh3y2miWK5OHK43Fv1V2cnU_pr7d-zn84Jjtb964GPTjDZq-JtoBgUSIUd9NShP7xeegwIvBeguxyrxy46kee5p1cMGpD-69Qm6y6ZCUJq3_2mNRWWxXe0

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
an-x-request-uuid: 372e11f4-8da0-4cd8-8030-c3a649fcc2c0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.100; 80.255.7.100; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDUAHRXz9KiYz-wGCMsXUy4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 85F4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5MjgxNTgwODc3OTE1MTY3MQ%3D%3D

170 B
243 B

48ms
48ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5MjgxNTgwODc3OTE1MTY3MQ%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
an-x-request-uuid: a8e2f3df-a71c-4f4c-9f96-168f03b8d93a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5MjgxNTgwODc3OTE1MTY3MQ%3D%3D
x-proxy-origin: 80.255.7.100; 80.255.7.100; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8510 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3679685395393&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8510 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3679685395393&version=m202309260101&ct=76&x=1&cor=8259020287920284000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8510 109 KB
41 KB 81ms
81ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Boaiis1HnfALk5V3ZuK0y77GIg2OEfYixGp-Knpwi5pnARQJDdy3KQtMSEvBNXOXIPryAmeN8CrU9Spui3E8LYx6rd5EYk_lxqXxMVHeMRcgk8BR0lU6Itac6FvUgPz3mG8fSD5g9B4Usmo1LtDftuqWaJTpDOJtvzZTjiezz2WQ43SKzR6HqCwPyhF7v3lYosQBrjTt5YFua_2xz_d3zhOenHzw&dbm_d=AKAmf-DyLI-V55QnZ9oSI6sl7ZntetlmjGohZTobPj2WGaGda2_CHEkMdFigni1zf0BvNZdXLLGgni7zpxv_y3TcZCIkbr3TXEXK0t9F5y7BPqVGDYnafyTqEQVJwOPvtX8vsasgFW4rvIx64RZk39wC-PH0KTHhMc_6-JHBdPuB5Q6El_7kbwhyNW_Lu1f9enRxGYYGnmfrXjan9Sm9eBWNYhMleg2prKfLotyeNQdZXkNYNwlRl_Gw64CzCEQfQnEgBRpijeXjZqjeKHn2MLLj8GQsA2xP1HrfMlX8fTk7HGBUJrhwzAFMiw0bwctIU4N40uFPJbiuZBSoB83pXOHrTbW33cYLcEdaxOMI-gdaotwffLntMtisLXTRs8JaEGuTiCy6gMsGhhDMJltcDAmKpqBRt2kNMEsPWhkaIjJbB34qdjDpV5hF7zcTHvP3kwwu6cpl76GPp7PAXz_kX6tCfnjbQcTmYQuBaGeR9EhEL9_3UsZk5U3mfRi0icvFSzb8LO-iTrtnH1yPAm8COF39Z0vyKt7EPv8UUbPGqhY5SnxAb3XJpbGQomdhoULgermYip6jGjSAKeiGOtSAQYWlzhFwuWi41e20Yb4eBftXN87lvCYu44di4vpmLMy6h0aVlnxoaEQK-nExie7ntlJVwfAEUBHHn6a229ngSbP8bbimvZswZt4YOa0Vs9HGnghDTddTQQ9GyKa181ACTfg1Da7MrGk3dauRxz-i4zgRU2aPtTsiBKq6Ol4e0Ijkxh-5_D065RP-sOYtfzHPRNss5AjeN-CS3eE35RIyCSZegwfQxprPeOWBo3KjO-fZxX4YKVrPdy5o9TP_94KqONIabcbksOurmAFwtQvrrd2ZKxjowE-GV8N-l9H3sfsWjf2PADsIAnCLkBA-vph4Mw011KlwceglB2JZdcT79TaaPlLX-HyOAr78a0OHFHs59xzkfE2TcjQZ4mfJIBXxtJpCTk58r54L9LesbOZN6jB6VemH0SJRgZMGcOqhkNOeg-gkNrYEzpBP2aDX0qu06S5uguLtFeQpjp3g0V3OSTnVQrV0BiVX1HNWjyfkEOD7opEpZXfy4hYN7n3tvZtd0pdbwENIt1SuYJgikYQSyfh0fDhSMA_dfUDjP0S0sle-Ys0m6O_XX8SiOqzbZQRDLZKkgqj4mLs612GQWpKDRe8l8BhmpfadxmxdWkmmj2wqtUVDB8mlo_AWavqbnn-Nj0ra12B34kXue4vNwV1mzjMFaSpAFtZwqlWswgbevbuv8NoaKAMwzDR5ekLzkkiF5ZrN5eqJ4IJE14LHr3eM8AIZtvpgQFgAp_Of2zqqFOqMs_rQ3E-6MohTSfthAxii5raco95HBKxggUx5dgRFcXid_057Ac8Iai8YcSAgy5kNxmOfOdMTY-SYqMGtXikKEoHlNYUwiMn47HUmuRGYth7wXaGLOUUbN7BUyYhva5Jo9vX_p-TOwiwraP5BTgTbXJCXzhf5kuOxerUAQs_w7E19mFR66cb90piY-ZXsuz-qsd5nrTLFIV0l0kwYwaJgUl7vGgaNDjKzaqf9RyvbWVpLTsn3Hr1uqhf1IEbbZ23lHoKsni-_5Rrdvide6e1uZCEMEICCogZbZUTI4te61p5jnhW1jIfwGhFwlAxeZPN1Es9UHLWtdWJpvsx_sxzuPZxhxnibvheikHxcr_gtW5ZE7xHgUd_bEw_ijnF2VDbEzovvHhmhtBbJPWWG9Nh6CcayD0dRyi2BhxhxsKupCSPeI9ukj-96YEyugT3oY8kIwDwdmwnfiVwCCPy-U8dfyO_gInBis9n03rJCp7ZI1CYtmAkF0lQ3a_iMd9jE_AulGU5_QXpa-D18WPypEPg2VbbcQ5M9DU3N28r2z6QEWbuWWUvpKG1nFPSjLAKm9wkqLLztl_61K6D65zV7GZWgJXVAmtvSI_JSMGRHgFdxj-zSGQcmU6hpJ_f8lIivATaWnJyUf1XdEbUGkyNW9u5fjq3oshrkzWiKkmv7F2ikDEVNRfqd8e44vMzZAoEPEIEZuqWcKqm-ONMl8eYPCj2ify5Gx_NTDbcT9D2Wt8GrT_nObBwXnMglBfPbWqlsDggyMymmdXBlo6izN2RUVUEG_uRmvJIDp8ZQKbvQHvOpcY4ruwfc7urkyXDyWzpgKn7mKlqvQTGUA2DYflIPSclWTnR6n0eWS2HjjKgs1oAjgj8kzm0T11bUqICQkG2nBpmR7gOgQ_pW1WPR8CRRRHLGbcN4RTJyqa75-C-sFAZ5ScrcfLePfkx6S_xWOoiF_9a7Z7zRMxfbhxxUJMSouhD1vjJQqjDyk04B_Sl8GIS1H3kautSFXovm8f33Zgy58J0f1niJJlQ4IPcSj7ROO-_xrLOIrIuxcf_xbv1RoiVBFWNeTEqYi-qK468hZTK7yFMfzA-2ziGeXd1oUwNBkgg-v9h97wazIT8L14CcNcF1z4hj2tgSp8jpOrHWPIhJC5Fp9aejvxjU5Nb8BjbObGllIOrweceoTsNvjz-kIDId4HCiZBdVVov5f_WsneUor1BuZ80NRvHAlLf4OscRmy9tulN-0Ulag2VCLDgAr2ys2DQ_7I-_RP2PgEKo1mS2xQvmmeWUa7Kao0xe1EHkPc0r3EQcVwKGspEIJr_WxXBQ2IXFNvRdI_mDWjwfoOBRi8Ab950PRb_2EKGnUsPKWGDwoL5hrIXufqSZpUCky-kRGT8WD8RUF7u8eCWMa0fjVjq6aM0o7mIwaMLG6JHaxc80hcZm944oPS2ICR_MSqqHlTuL4xil281ggOj7cqqkF8wjVPz7lS_A4nMioTVPywMGmWG7lGO51nowlNExr1wxr9ZPoGecmeJvsh8d1-H7zqgnyhQVqYPssk-s3femxP2nLVOrKl5xraHJkKd_tTQpXP8_R5Tbz2P42kkLlMU3xwahsoD4WYCqvEuoX4U_jRd0nyC8MGh4FOIaYWqWEUtOZ5IW0vTqduYh-OPruRSuvKO61JnfUKG0gdGMCvhI-_sQVHcFM8O6dc-mMQDXyaS_i41gRE3X6OxYQg_Lf2Bj0FuGmzg-q-LZZTACCZjjQ66eRTCIrVsENxKgVOHNM1KxaYYVQfHinobNqb5fjVAHFkk6_YPX5Cv-ShB0KP0Lxlp3MMwnReBBGxGaMgPh_fuo_eXhXsnPsCHqcFxrFvlUvB31M7VCeapaZqaaFV6k5YvJMpm2NwATcnfH_kxxdJIX4sR6cLOK1-JVZLjZTpcXkPS0KEZiZ6v1EGufGwK1C4EilUWrULTjQ02b386IGigqYBijnco_r7-p1PJ5b2unjt9pNgUoAsO_qz_jFWsBb24mMkQNfor8UH4NqJrj4tAZeuwtvo_5ut4nY-poJO6pxBPyaNQf8HxvYFQSWaQMdAcnZDtBpRwlmljrsi4uBZi57Gn4Dw4LjlQkpELq9vdWZ37yHlQOvERnhvQmhIYJXS3D_HDduv04TP6TFnxWtysdTjCz9uploo_JeEEwV3DeloFjH0FSvJtHZMVX&cid=CAQSTwDICaaNsZDRUcGHqg3dVCbNp7bKUrZPdyEuEPyZ5OAX5cJSUg_Y0j4rz5y_Dc69bzua__YfbrAMGS_v-aU6Pgw3D-o-vqLT8sIApISXxsUYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwedonweb.com%2F&ds=l&xdt=1&iif=1&cor=8259020287920284000&adk=497053795&idt=71&cac=0&dtd=28

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95f5d9af5b985ea52f5a7e4290e1d5349b42bd37d227d44f5981dc951b157e78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=100&slotname=8688504659&adk=1329324074&adf=2178560903&pi=t.ma~as.8688504659&w=300&lmt=1701405172&format=300x100&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172136&bpp=1&bdt=379&idt=297&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=302
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b1fdc9f83bbec90a172a8086cc6d7abe.js Show response
www.gstatic.com/mysidia/ Frame 0BB4 9 KB
4 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b1fdc9f83bbec90a172a8086cc6d7abe.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbde0fd637840b04806e70ee7610047e1cfe5568854929dc58c310a861d93ca6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:39:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 11:42:01 GMT

GET
H2 200 280465d6b51993ac6d052e033b440ef2.js Show response
www.gstatic.com/mysidia/ Frame 0BB4 11 KB
5 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/280465d6b51993ac6d052e033b440ef2.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3e4cdbb12defe352221c7446f538206d487f314187f7883e6f261d9246ab3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:22:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4756
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:39:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 20:22:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0BB4 14 KB
1 KB 54ms
53ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 01 Dec 2023 04:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 03:29:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 01 Dec 2023 04:32:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0BB4 2 KB
857 B 49ms
45ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:59:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 0BB4 24 KB
9 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:59:18 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0BB4 3 KB
1 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:59:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0BB4 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:59:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30815
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:59:18 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0BB4 202 KB
64 KB 74ms
72ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 04:32:53 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 0BB4 37 KB
15 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 19:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 19:22:26 GMT

GET
DATA 200
OK truncated
/ Frame 9B3C 205 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdfad01a445cbda792fa87c1b079b9b6a969faf6bb598c2f9d69b89bbfb9bb5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13045310469748645498/ Frame 0BB4 2 KB
2 KB 39ms
39ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13045310469748645498/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b3d5cc9f678f41aa9ee0b49f9106a1f0bde7e039a89ba312ddcdd391d3dc654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 04:44:47 GMT
x-content-type-options: nosniff
age: 517686
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1823
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 12:40:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Nov 2024 04:44:47 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1627455/73523884/ Frame 8510 255 KB
77 KB 275ms
117ms Script
application/javascript 99.81.22.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1627455/73523884/skeleton.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-8797698108607300&ias_chanId=1&ias_placementId=20492285957&bidurl=https://wedonweb.com/&ias_dealId=&xsId=ABAjH0h5eWhTZIJ44Vjwpah7osO7&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0h5eWhTZIJ44Vjwpah7osO7
Requested by: Host: wedonweb.com
URL: https://wedonweb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.22.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-22-6.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 84647aa4504ea68201771de0c91c7103cccb26ac39b9dbad6c18a879b34dabce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 8510 111 KB
39 KB 139ms
39ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Dec 2023 07:40:28 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame 8510 11 KB
4 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Boaiis1HnfALk5V3ZuK0y77GIg2OEfYixGp-Knpwi5pnARQJDdy3KQtMSEvBNXOXIPryAmeN8CrU9Spui3E8LYx6rd5EYk_lxqXxMVHeMRcgk8BR0lU6Itac6FvUgPz3mG8fSD5g9B4Usmo1LtDftuqWaJTpDOJtvzZTjiezz2WQ43SKzR6HqCwPyhF7v3lYosQBrjTt5YFua_2xz_d3zhOenHzw&dbm_d=AKAmf-DyLI-V55QnZ9oSI6sl7ZntetlmjGohZTobPj2WGaGda2_CHEkMdFigni1zf0BvNZdXLLGgni7zpxv_y3TcZCIkbr3TXEXK0t9F5y7BPqVGDYnafyTqEQVJwOPvtX8vsasgFW4rvIx64RZk39wC-PH0KTHhMc_6-JHBdPuB5Q6El_7kbwhyNW_Lu1f9enRxGYYGnmfrXjan9Sm9eBWNYhMleg2prKfLotyeNQdZXkNYNwlRl_Gw64CzCEQfQnEgBRpijeXjZqjeKHn2MLLj8GQsA2xP1HrfMlX8fTk7HGBUJrhwzAFMiw0bwctIU4N40uFPJbiuZBSoB83pXOHrTbW33cYLcEdaxOMI-gdaotwffLntMtisLXTRs8JaEGuTiCy6gMsGhhDMJltcDAmKpqBRt2kNMEsPWhkaIjJbB34qdjDpV5hF7zcTHvP3kwwu6cpl76GPp7PAXz_kX6tCfnjbQcTmYQuBaGeR9EhEL9_3UsZk5U3mfRi0icvFSzb8LO-iTrtnH1yPAm8COF39Z0vyKt7EPv8UUbPGqhY5SnxAb3XJpbGQomdhoULgermYip6jGjSAKeiGOtSAQYWlzhFwuWi41e20Yb4eBftXN87lvCYu44di4vpmLMy6h0aVlnxoaEQK-nExie7ntlJVwfAEUBHHn6a229ngSbP8bbimvZswZt4YOa0Vs9HGnghDTddTQQ9GyKa181ACTfg1Da7MrGk3dauRxz-i4zgRU2aPtTsiBKq6Ol4e0Ijkxh-5_D065RP-sOYtfzHPRNss5AjeN-CS3eE35RIyCSZegwfQxprPeOWBo3KjO-fZxX4YKVrPdy5o9TP_94KqONIabcbksOurmAFwtQvrrd2ZKxjowE-GV8N-l9H3sfsWjf2PADsIAnCLkBA-vph4Mw011KlwceglB2JZdcT79TaaPlLX-HyOAr78a0OHFHs59xzkfE2TcjQZ4mfJIBXxtJpCTk58r54L9LesbOZN6jB6VemH0SJRgZMGcOqhkNOeg-gkNrYEzpBP2aDX0qu06S5uguLtFeQpjp3g0V3OSTnVQrV0BiVX1HNWjyfkEOD7opEpZXfy4hYN7n3tvZtd0pdbwENIt1SuYJgikYQSyfh0fDhSMA_dfUDjP0S0sle-Ys0m6O_XX8SiOqzbZQRDLZKkgqj4mLs612GQWpKDRe8l8BhmpfadxmxdWkmmj2wqtUVDB8mlo_AWavqbnn-Nj0ra12B34kXue4vNwV1mzjMFaSpAFtZwqlWswgbevbuv8NoaKAMwzDR5ekLzkkiF5ZrN5eqJ4IJE14LHr3eM8AIZtvpgQFgAp_Of2zqqFOqMs_rQ3E-6MohTSfthAxii5raco95HBKxggUx5dgRFcXid_057Ac8Iai8YcSAgy5kNxmOfOdMTY-SYqMGtXikKEoHlNYUwiMn47HUmuRGYth7wXaGLOUUbN7BUyYhva5Jo9vX_p-TOwiwraP5BTgTbXJCXzhf5kuOxerUAQs_w7E19mFR66cb90piY-ZXsuz-qsd5nrTLFIV0l0kwYwaJgUl7vGgaNDjKzaqf9RyvbWVpLTsn3Hr1uqhf1IEbbZ23lHoKsni-_5Rrdvide6e1uZCEMEICCogZbZUTI4te61p5jnhW1jIfwGhFwlAxeZPN1Es9UHLWtdWJpvsx_sxzuPZxhxnibvheikHxcr_gtW5ZE7xHgUd_bEw_ijnF2VDbEzovvHhmhtBbJPWWG9Nh6CcayD0dRyi2BhxhxsKupCSPeI9ukj-96YEyugT3oY8kIwDwdmwnfiVwCCPy-U8dfyO_gInBis9n03rJCp7ZI1CYtmAkF0lQ3a_iMd9jE_AulGU5_QXpa-D18WPypEPg2VbbcQ5M9DU3N28r2z6QEWbuWWUvpKG1nFPSjLAKm9wkqLLztl_61K6D65zV7GZWgJXVAmtvSI_JSMGRHgFdxj-zSGQcmU6hpJ_f8lIivATaWnJyUf1XdEbUGkyNW9u5fjq3oshrkzWiKkmv7F2ikDEVNRfqd8e44vMzZAoEPEIEZuqWcKqm-ONMl8eYPCj2ify5Gx_NTDbcT9D2Wt8GrT_nObBwXnMglBfPbWqlsDggyMymmdXBlo6izN2RUVUEG_uRmvJIDp8ZQKbvQHvOpcY4ruwfc7urkyXDyWzpgKn7mKlqvQTGUA2DYflIPSclWTnR6n0eWS2HjjKgs1oAjgj8kzm0T11bUqICQkG2nBpmR7gOgQ_pW1WPR8CRRRHLGbcN4RTJyqa75-C-sFAZ5ScrcfLePfkx6S_xWOoiF_9a7Z7zRMxfbhxxUJMSouhD1vjJQqjDyk04B_Sl8GIS1H3kautSFXovm8f33Zgy58J0f1niJJlQ4IPcSj7ROO-_xrLOIrIuxcf_xbv1RoiVBFWNeTEqYi-qK468hZTK7yFMfzA-2ziGeXd1oUwNBkgg-v9h97wazIT8L14CcNcF1z4hj2tgSp8jpOrHWPIhJC5Fp9aejvxjU5Nb8BjbObGllIOrweceoTsNvjz-kIDId4HCiZBdVVov5f_WsneUor1BuZ80NRvHAlLf4OscRmy9tulN-0Ulag2VCLDgAr2ys2DQ_7I-_RP2PgEKo1mS2xQvmmeWUa7Kao0xe1EHkPc0r3EQcVwKGspEIJr_WxXBQ2IXFNvRdI_mDWjwfoOBRi8Ab950PRb_2EKGnUsPKWGDwoL5hrIXufqSZpUCky-kRGT8WD8RUF7u8eCWMa0fjVjq6aM0o7mIwaMLG6JHaxc80hcZm944oPS2ICR_MSqqHlTuL4xil281ggOj7cqqkF8wjVPz7lS_A4nMioTVPywMGmWG7lGO51nowlNExr1wxr9ZPoGecmeJvsh8d1-H7zqgnyhQVqYPssk-s3femxP2nLVOrKl5xraHJkKd_tTQpXP8_R5Tbz2P42kkLlMU3xwahsoD4WYCqvEuoX4U_jRd0nyC8MGh4FOIaYWqWEUtOZ5IW0vTqduYh-OPruRSuvKO61JnfUKG0gdGMCvhI-_sQVHcFM8O6dc-mMQDXyaS_i41gRE3X6OxYQg_Lf2Bj0FuGmzg-q-LZZTACCZjjQ66eRTCIrVsENxKgVOHNM1KxaYYVQfHinobNqb5fjVAHFkk6_YPX5Cv-ShB0KP0Lxlp3MMwnReBBGxGaMgPh_fuo_eXhXsnPsCHqcFxrFvlUvB31M7VCeapaZqaaFV6k5YvJMpm2NwATcnfH_kxxdJIX4sR6cLOK1-JVZLjZTpcXkPS0KEZiZ6v1EGufGwK1C4EilUWrULTjQ02b386IGigqYBijnco_r7-p1PJ5b2unjt9pNgUoAsO_qz_jFWsBb24mMkQNfor8UH4NqJrj4tAZeuwtvo_5ut4nY-poJO6pxBPyaNQf8HxvYFQSWaQMdAcnZDtBpRwlmljrsi4uBZi57Gn4Dw4LjlQkpELq9vdWZ37yHlQOvERnhvQmhIYJXS3D_HDduv04TP6TFnxWtysdTjCz9uploo_JeEEwV3DeloFjH0FSvJtHZMVX&cid=CAQSTwDICaaNsZDRUcGHqg3dVCbNp7bKUrZPdyEuEPyZ5OAX5cJSUg_Y0j4rz5y_Dc69bzua__YfbrAMGS_v-aU6Pgw3D-o-vqLT8sIApISXxsUYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwedonweb.com%2F&ds=l&xdt=1&iif=1&cor=8259020287920284000&adk=497053795&idt=71&cac=0&dtd=28

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 19:58:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 19:58:01 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 8510 31 KB
12 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:19:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11894
x-xss-protection: 0
server: cafe
etag: 8278194740845609983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 23:19:49 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8510 41 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 476131
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Nov 2024 16:17:22 GMT

GET
DATA 200
OK truncated
/ Frame 8510 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca0baed1700f35ecc342690da4052d4cd9774aa71a7fc76fda6e513884c380d7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8E2B 143 B
166 B 39ms
39ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 04:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0BB4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 286cbdea1c82ad8d82d6efbc4c55bb38e1f13d869937b571adaf619f8516b764

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 9B3C 47 KB
47 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700%7COpen%20Sans%3A300%2C400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 18:16:19 GMT
x-content-type-options: nosniff
age: 36994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:16:19 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0BB4 33 KB
33 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 242615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Nov 2024 09:09:18 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 635A 38 KB
13 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 476082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Nov 2023 16:18:11 GMT
expires: Sun, 24 Nov 2024 16:18:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8E2B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

53ms
52ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 04:32:53 GMT
expires: Fri, 01 Dec 2023 04:32:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 04:32:53 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8873050794531264236/ Frame EF53 6 KB
2 KB 119ms
39ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eccfe2dacabb31d8c37f0ea1e035b217fe04d7d1c79367b674e7009dd0361863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 536531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1868
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Nov 2023 23:30:42 GMT
expires: Sat, 23 Nov 2024 23:30:42 GMT
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8510 0
0 209ms
85ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKPBhKoE17NCYk7SNLFSOk6xzo-7FTiH7IUxIff22tCmUlA96WdyFvjaCZkpJgU3_Mcp2acfO6OjLXPmiU8l7rkQc-LW1hPwjV7oLNZR7tck9UN9sQE0hifkBVzw3D-v4dzMmH4ySd2n3pYMz_ufJMJ2-MLezAzGUecN4OEY0VR03mVwS7VWdTtDfUElRP5l5JYSl7lf9XT8HCGsuknBwR6gyvIOSYIPalNneOH0DDsomFj83uBtjZkCpec0gg_PeF1k3VxpcrSHGKsMNdu6T1lZoBK1CKqCNM7e21cDDp_mObzEQiflOKdRxAMMOghpBvYHeJ5Ts2HqLc-fkYO26svEB5FiQNrAOwpdIxz2wx9AsmV5-fHH3qo0ZlJK44tHA723JVtlv1dFydyR9Ff9LgNRjgjc6JWik0u9jCDwC5OI-8avdNOoiYteBNi85VbU8GhBDNaOVYGH_6c4VQt9Z7HMO-A1qmld9jOC1Z5oVZH8FGVysRRAAssFoIK7DLST5bKsy0akokFEyXqHt5KnBj92w2fSeuMny8D7dZuzGdlUav6vfdKl13M1X2uEy7zpFmi-E4-75CESoShrCvyg7zt8YWfUdnYnSW6AY8brMQameLbdXBN9ba0rJuP9sLbDAKfOzqqkoGpunDiSRzk2T87EMEYqAL8cpfFtiAV4A3TN9v439uTv8BaYZF3aDPSEsBeGppChev7ttRGDCQPO2Rpssx1lSQIDssIcIdfWtrtMdB2WiES0yl7c56WihkGe7NB9DzAwS1WdgBrHGm-pZaSdBDEBWS_unF5C5J9Ur503wPFeAvb_LuQjXWdzFYOlRjkGra7zcMtUEJYlbcPWCm6UMNWNXnLBcgu5b5kMDTiOnF1fZoTsUv14jyOrUF-9uDAd2i_0WWPJXxTrP-gl8i7qryHJwvybBMVMQvoxAjlj4HP_mck41myQ66wlrahYOr9J1FjnEKCzOyFMw62U30L9G4DCE1LiDBrQpbOZVpVxbFGTazgsju7UQ-1qud0ERD-BKXmtM-ME6kDFgRa3WiWw2_2kCUj18O6rICU_3x6fJa1Gawy0I9zW557mipLo9itq0hiqO6WTYy9mV4brR6qToc3GhhiQaNC0LHIEcZEqMh6JvmOwISDffFYl-_76GdDZoUE9rxELzXc-1W8p-UUexAGHhx6HAEOiN9wSJ4Tz7y3f6ZXrz9rWhHnWdWtNHmpXsEcC36TEXxzb-WMi5gnt_wYa8dhhNeTusboop6Y0Wr3jWWRnQeiVQ4w863Spj1S3zWtgt90BbEDgo&sai=AMfl-YR9LGW9Ww1LuhhLXpJ_G-IO2ZgzaQOdbsP7kTLumHLpm-NbeSuWL_X537Kgsll9hSHbr81P1btA8M__KxZizDB38KIdtELeqBX1n6ZAd0r9PHCguLgv7PQph0NPNYMba0p8qZYTPRUs1PDNbePINZdlCn0nxCj2p8WC2Wjb3gPXdLjc-W7Gq94d-GgFLYNm-noZoJkAT5yT5qgVnC4MpvNJbbRfMiVojaDjhIS_WBKIl-AcqgMiHqqJLICJmmxp-8d95T9Va-nnAKjGxZ5gRxeKr_BdYmb928O4VcNoNA&sig=Cg0ArKJSzAsxFqTCBv80EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=219&cbvp=1&cstd=215&cisv=r20231129.94164&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Dec 2023 04:32:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9B3C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CQ03E9GFpZdPRHYin3gOfspnQDM2R-b902r-R85cS3NkeEAEgmpv2FWCVgoCAsAegAZfRuZsDyAEBqQL0O5NAUkSyPqgDAcgDywSqBMQBT9D0wHTsp6ZIJ96sxmdnvdvvIAtDzdPaLK_Epl-...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221748029919410020223%22,%22debug_reporting%22:true,%22destination%22:%22https://gi-de.com%22,%22event_report_window%22:%222...

0
0

164ms
74ms

Fetch
text/css

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221748029919410020223%22,%22debug_reporting%22:true,%22destination%22:%22https://gi-de.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22862873751%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223124817017188690369%22}&andc=true

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"1748029919410020223","debug_reporting":true,"destination":"https://gi-de.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["862873751"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"3124817017188690369"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Dec 2023 04:32:54 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Dec 2023 04:32:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1748029919410020223","debug_reporting":true,"destination":"https://gi-de.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["862873751"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"3124817017188690369"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 1816 51 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 114749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:40:24 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 635A 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 22:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22584
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 22:16:29 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 168ms
73ms Preflight
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 04:32:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8873050794531264236/css/ Frame EF53 6 KB
2 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddfef1883718681942a3416dafc4bcf4f0e306d3b41e779b3912b6ddeaab4e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 23:30:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536531
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1941
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 23:30:42 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame EF53 70 KB
25 KB 137ms
46ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 85599
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25267
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-62b3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMAcUwrN2FJCCVFJinwzSVzodFWq5iOV%2FRynfMPkHFQ5dR0zSsVXv1R9hv4Rw1dbNeeRmJOPXrUKVRpcH0T5YqSNoTol8L%2FHN2mGbMZyz2ZK71pyLmm0HBnngmjatsL1ZICSDK%2Ftq9MODeq9uAlKLh68"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82e89be058f52c00-FRA
expires: Wed, 20 Nov 2024 04:32:53 GMT

GET
H2 200 CustomEase.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/ Frame EF53 7 KB
4 KB 145ms
54ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.0/CustomEase.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 166200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3299
last-modified: Tue, 01 Aug 2023 16:38:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c93515-ce3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMnFWGyOm4YcjxW2H%2FB9oqnqpovb9IQ5ikPuIWxN3tdHB1HfMWn3XhNb0ffSHpUdjScbMT%2FmySakUAC3NczzQW99eqn5p0lWpO4HoW7KjQ79s8X2PGy3Bx%2ByHDmk86JLxGbgfhqU7AsIlmZ81EFXTesS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82e89be058f62c00-FRA
expires: Wed, 20 Nov 2024 04:32:53 GMT

GET
H3 200 dyson.svg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame EF53 2 KB
1 KB 40ms
40ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/dyson.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 17:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1076
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 17:51:08 GMT

GET
H3 200 rtbIcon.svg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame EF53 2 KB
800 B 41ms
40ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/rtbIcon.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 17:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 771
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 17:51:08 GMT

GET
H3 200 arrow.svg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame EF53 429 B
349 B 40ms
40ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/arrow.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 17:51:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556905
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 17:51:08 GMT

GET
H3 200 dyson-v15s-submarine.svg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame EF53 25 KB
8 KB 40ms
39ms Image
image/svg+xml 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/dyson-v15s-submarine.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8356
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 18:38:26 GMT

GET
H3 200 1-min.jpg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame EF53 36 KB
36 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/1-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f1ae783e570bbddc7985c4fd7a6a9d3dd698a5989b6b2ca8aa0c7eb1b37e411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 18:38:26 GMT
x-content-type-options: nosniff
age: 554067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37259
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 18:38:26 GMT

GET
H3 200 2-min.jpg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame EF53 38 KB
38 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/2-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f67a2f74d6947813ce0fb33b888e74591079ab75d95a7dd1b581f3b863e8465d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 23:30:42 GMT
x-content-type-options: nosniff
age: 536531
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39020
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 23:30:42 GMT

GET
H3 200 3-min.jpg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame EF53 9 KB
9 KB 52ms
51ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/3-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cb379880cd9aa9e2d4c2499037469450ac8cefc07de4907dd928782ad1051cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 23:30:42 GMT
x-content-type-options: nosniff
age: 536531
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9596
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 23:30:42 GMT

GET
H3 200 4-min.jpg
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame EF53 21 KB
21 KB 50ms
50ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/4-min.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6edf2641b7ceef04b0d11554630bf01346d52bf9841f43b981601083d0f587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 23:30:42 GMT
x-content-type-options: nosniff
age: 536531
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21952
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 23:30:42 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/8873050794531264236/script/ Frame EF53 4 KB
981 B 56ms
56ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02f0f703fbc39f74414c414357cd77d8f1e7c208a8d5380f1cf98d5768429b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 03:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90028
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 952
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 29 Nov 2024 03:32:25 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0BB4
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CYamb9GFpZZilHLGpjuwPirWY4A2czvi_dLClr6ekEtzZHhABIJqb9hVglYKAgLAHoAGX0bmbA8gBAakC9DuTQFJEsj6oAwHIA8sEqgS8AU_Q0Y8w5LD4tb0duGWoH9_qgEOy221SoBYCEw2...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212592493374295280098%22,%22debug_reporting%22:true,%22destination%22:%22https://gi-de.com%22,%22event_report_window%22:%22...

0
0

130ms
75ms

Fetch
text/css

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212592493374295280098%22,%22debug_reporting%22:true,%22destination%22:%22https://gi-de.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22862873751%22],%224%22:[%2212-01%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227651782399593627681%22}&andc=true

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12592493374295280098","debug_reporting":true,"destination":"https://gi-de.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["862873751"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"7651782399593627681"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Dec 2023 04:32:54 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 01 Dec 2023 04:32:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12592493374295280098","debug_reporting":true,"destination":"https://gi-de.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["862873751"],"4":["12-01"],"6":["true"]},"priority":"500","source_event_id":"7651782399593627681"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 8510
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1627455/73523884/4.js?ias_dspID=3&ias_campId=1013910218&ias_pubId=pub-8797698108607300&ias_chanId=1&ias_placementId=20492285957&bidurl=https://wedonweb.com/&ia...
https://static.adsafeprotected.com/4.js?xsId=ABAjH0h5eWhTZIJ44Vjwpah7osO7&ias_xappb=&adContainerId=brand_safety_9WFpZcqtDIy89u8PibWJ8Ao&cbFunctionName=goog_wrapCb_9WFpZcqtDIy89u8PibWJ8Ao&true_pb=

1 KB
1 KB

141ms
49ms

Script
application/javascript

2600:9000:223f:2200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?xsId=ABAjH0h5eWhTZIJ44Vjwpah7osO7&ias_xappb=&adContainerId=brand_safety_9WFpZcqtDIy89u8PibWJ8Ao&cbFunctionName=goog_wrapCb_9WFpZcqtDIy89u8PibWJ8Ao&true_pb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=100&slotname=8688504659&adk=1329324074&adf=2178560903&pi=t.ma~as.8688504659&w=300&lmt=1701405172&format=300x100&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172136&bpp=1&bdt=379&idt=297&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=302
Protocol: H2
Server: 2600:9000:223f:2200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:22:14 GMT
x-amz-version-id: ptCY9mvdfO9FVxh7J7Hg_NqWxL3SNYBQ
content-encoding: gzip
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 202240
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 28 Nov 2023 20:22:12 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: R4lyrUOOG3CVxB6Egsn1SQhts3LTGalKaz1dcWmWUWFtpGFXDu0PaQ==

Redirect headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:53 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?xsId=ABAjH0h5eWhTZIJ44Vjwpah7osO7&ias_xappb=&adContainerId=brand_safety_9WFpZcqtDIy89u8PibWJ8Ao&cbFunctionName=goog_wrapCb_9WFpZcqtDIy89u8PibWJ8Ao&true_pb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 921C 91 KB
23 KB 196ms
45ms Script
application/javascript 2600:9000:223f:2200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=100&slotname=8688504659&adk=1329324074&adf=2178560903&pi=t.ma~as.8688504659&w=300&lmt=1701405172&format=300x100&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172136&bpp=1&bdt=379&idt=297&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 6150223
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: GPDn3PkxaEL6kXLyIwIVaTt9BllKaEK6lR6WsG-XsbZsVOZO_oLGGA==

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 94E7 51 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:40:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 114749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Nov 2024 20:40:24 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8510 43 B
215 B 401ms
122ms Image
image/gif 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d890162d-c2a1-3ef1-b639-c89ebc04a094&tv=%7Bc:vwjm7x,pingTime:-3,time:87,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:50,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:87,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~300.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tX9UIz2+11%7C12%7C13%7C141*.1627455-73523884%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:141*,rmeas:1,rend:0,renddet:na,siq:28%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=100&slotname=8688504659&adk=1329324074&adf=2178560903&pi=t.ma~as.8688504659&w=300&lmt=1701405172&format=300x100&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172136&bpp=1&bdt=379&idt=297&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:54 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8510 43 B
215 B 396ms
120ms Image
image/gif 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d890162d-c2a1-3ef1-b639-c89ebc04a094&tv=%7Bc:vwjm7z,pingTime:-6,time:89,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:89,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~300.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tX9UIz2+11%7C12%7C13%7C141*.1627455-73523884%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:141*,rmeas:1,rend:0,renddet:na,siq:28%7D&tpiLookup=ao:wedonweb.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=100&slotname=8688504659&adk=1329324074&adf=2178560903&pi=t.ma~as.8688504659&w=300&lmt=1701405172&format=300x100&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172136&bpp=1&bdt=379&idt=297&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:54 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 74ms
74ms Preflight
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 01 Dec 2023 04:32:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8510 43 B
216 B 374ms
118ms Image
image/gif 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d890162d-c2a1-3ef1-b639-c89ebc04a094&tv=%7Bc:vwjm7V,pingTime:-2,time:111,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:686,beZ:687,mfA:690,cmA:692,inA:692,inZ:696,prA:697,prZ:707,si:714,poA:715,poZ:741,cmZ:741,mfZ:741,loA:775,loZ:777,ltA:797,ltZ:797%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.50,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:50,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:111,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B103~0%5D,as:%5B103~300.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tX9UIz2+11%7C12%7C13%7C141*.1627455-73523884%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:141*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:28,sinceFw:82,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=100&slotname=8688504659&adk=1329324074&adf=2178560903&pi=t.ma~as.8688504659&w=300&lmt=1701405172&format=300x100&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172136&bpp=1&bdt=379&idt=297&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:54 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 dysonfutura-book.woff
s0.2mdn.net/sadbundle/8873050794531264236/assets/ Frame EF53 8 KB
8 KB 41ms
40ms Font
font/woff 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8873050794531264236/assets/dysonfutura-book.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8873050794531264236/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8873050794531264236/css/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:19:27 GMT
x-content-type-options: nosniff
age: 317606
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7928
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 18:29:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Nov 2024 12:19:27 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 635A 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCVej9WFpZcqtDIy89u8PibWJ8AoAAAAAOAHgBAI&bg=!wMOlw4zNAAY3kmNgF5I7ADQBe5WfONAL9SDn_UXQOsrlRcSn9rm3UZyMv0tocTA0yMzA52Ll-7y2fzdBHTPJ7couRoM9AgAAAL1SAAAAA2gBB5kDDtkfEuN3UlQjitCusL63LFtl2UQb83LCKoSHbbc69J6AzaCDDQ547j5P7_UiVbjw3funwlPnkBCb2qDlZ1KqA36horFufdkBLclhsZ-yBCDPqbIlagVpkGFtDhzjrXVHnEsDuiD7VsnZlZJX5QRrlB-kzYLPc5MuFyxpkizONkd6mgQcu8PEONx9Papn0lebZYF7bw1j8V8iZVffj6eG0xaXsCWNQxfOGShqrW2eSnViqFPWNY9xv4_tOuesbnHvGrpJA8eCgD4G_FQm2Q7FMSnFarDHKVbTsRuZ6gP8BHBV2Ja-hjksPHutEo1zVyWTD61HGYqF0mTp2CA6RKlTnB_62xEWjcw1XYnbDR6A4P_ZvIw0pAw5WHb6Q5_hdgf3Vg3NuNApRLkVJ824552YmNABKRfgfxvGl_v2uqrZgu7WcY-NQQ7F-DEQanK4j4OAP9w7b6kZPvCpCHlqDZj1gAufS7OFUFOpW31BHp_uZcea8UQmUKNK84Ero-WqxjmNpnkXh0BJBKu-GvQuFmXqMLJzyeODxxDirqkw9QywKVrOuF2ydduBYk0AWcFXL1e_4ea9vf-1UcICgLlnym39D_tonK6Af5UDq2Ip8Z1w-4UjoK34nqXUl0mnrKUOQa3HCqYjholy993W06oJIvIBGSAz_et0mGoCQZg5zjBSVkHdpESrLrGpygenl-oznNvGXIaQBDd8b8uJg_wAfpAM7ydW4r9ELnqkBMFJtHOJCI_KWjKkFC2ASk12DriF2C34Rp9d2OLaeMVoHZgKZ6nLQFDVJU4k2Xumb-OAOSCJcwY-iN_vytYC0qa8ou23xUqTJvUK5qaaWzKq-H3g-hrdnze0KH7JASOeaHR9uxZO62gbqL1PbuG2yZ1ElVj3X09qHAN7U3To4Re-Sq2IQiX79slJbVk1qSZfte-d2ruK3Qq1lIjxtl_KRX8pAWarx2toBIuQB4q7QVr9sO22X2o3AZEwBh34JQs-OTBSrICviU12PwSzutkzxzIT0rmbmBGTqLG9pY8-op1UTbNp1ySV

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8510 0
0 76ms
75ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstKPBhKoE17NCYk7SNLFSOk6xzo-7FTiH7IUxIff22tCmUlA96WdyFvjaCZkpJgU3_Mcp2acfO6OjLXPmiU8l7rkQc-LW1hPwjV7oLNZR7tck9UN9sQE0hifkBVzw3D-v4dzMmH4ySd2n3pYMz_ufJMJ2-MLezAzGUecN4OEY0VR03mVwS7VWdTtDfUElRP5l5JYSl7lf9XT8HCGsuknBwR6gyvIOSYIPalNneOH0DDsomFj83uBtjZkCpec0gg_PeF1k3VxpcrSHGKsMNdu6T1lZoBK1CKqCNM7e21cDDp_mObzEQiflOKdRxAMMOghpBvYHeJ5Ts2HqLc-fkYO26svEB5FiQNrAOwpdIxz2wx9AsmV5-fHH3qo0ZlJK44tHA723JVtlv1dFydyR9Ff9LgNRjgjc6JWik0u9jCDwC5OI-8avdNOoiYteBNi85VbU8GhBDNaOVYGH_6c4VQt9Z7HMO-A1qmld9jOC1Z5oVZH8FGVysRRAAssFoIK7DLST5bKsy0akokFEyXqHt5KnBj92w2fSeuMny8D7dZuzGdlUav6vfdKl13M1X2uEy7zpFmi-E4-75CESoShrCvyg7zt8YWfUdnYnSW6AY8brMQameLbdXBN9ba0rJuP9sLbDAKfOzqqkoGpunDiSRzk2T87EMEYqAL8cpfFtiAV4A3TN9v439uTv8BaYZF3aDPSEsBeGppChev7ttRGDCQPO2Rpssx1lSQIDssIcIdfWtrtMdB2WiES0yl7c56WihkGe7NB9DzAwS1WdgBrHGm-pZaSdBDEBWS_unF5C5J9Ur503wPFeAvb_LuQjXWdzFYOlRjkGra7zcMtUEJYlbcPWCm6UMNWNXnLBcgu5b5kMDTiOnF1fZoTsUv14jyOrUF-9uDAd2i_0WWPJXxTrP-gl8i7qryHJwvybBMVMQvoxAjlj4HP_mck41myQ66wlrahYOr9J1FjnEKCzOyFMw62U30L9G4DCE1LiDBrQpbOZVpVxbFGTazgsju7UQ-1qud0ERD-BKXmtM-ME6kDFgRa3WiWw2_2kCUj18O6rICU_3x6fJa1Gawy0I9zW557mipLo9itq0hiqO6WTYy9mV4brR6qToc3GhhiQaNC0LHIEcZEqMh6JvmOwISDffFYl-_76GdDZoUE9rxELzXc-1W8p-UUexAGHhx6HAEOiN9wSJ4Tz7y3f6ZXrz9rWhHnWdWtNHmpXsEcC36TEXxzb-WMi5gnt_wYa8dhhNeTusboop6Y0Wr3jWWRnQeiVQ4w863Spj1S3zWtgt90BbEDgo&sai=AMfl-YR9LGW9Ww1LuhhLXpJ_G-IO2ZgzaQOdbsP7kTLumHLpm-NbeSuWL_X537Kgsll9hSHbr81P1btA8M__KxZizDB38KIdtELeqBX1n6ZAd0r9PHCguLgv7PQph0NPNYMba0p8qZYTPRUs1PDNbePINZdlCn0nxCj2p8WC2Wjb3gPXdLjc-W7Gq94d-GgFLYNm-noZoJkAT5yT5qgVnC4MpvNJbbRfMiVojaDjhIS_WBKIl-AcqgMiHqqJLICJmmxp-8d95T9Va-nnAKjGxZ5gRxeKr_BdYmb928O4VcNoNA&sig=Cg0ArKJSzAsxFqTCBv80EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=660&vt=11&dtpt=441&dett=3&cstd=215&cisv=r20231129.94164&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: wedonweb.com
URL: https://wedonweb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8510 43 B
215 B 178ms
124ms Image
image/gif 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d890162d-c2a1-3ef1-b639-c89ebc04a094&tv=%7Bc:vwjmbb,time:313,type:e,im:%7Bpci:%7Btdr:267%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:313,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B305~0%5D,as:%5B305~300.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tX9UIz2+11%7C12%7C13%7C141*.1627455-73523884%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:28,sis:262%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8797698108607300&output=html&h=100&slotname=8688504659&adk=1329324074&adf=2178560903&pi=t.ma~as.8688504659&w=300&lmt=1701405172&format=300x100&url=https%3A%2F%2Fwedonweb.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701405172136&bpp=1&bdt=379&idt=297&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=486860716249&frm=20&pv=1&ga_vid=1178966804.1701405172&ga_sid=1701405172&ga_hid=1037978500&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=512&ady=684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531706%2C44809316%2C31078297%2C44806139%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=890380930197348&tmod=1986958678&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=302
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:54 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 57ms
55ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79faf678398f6a8d44f2730ce0788c358adedad7b2792cba1706b1490a0e4114

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12135
x-xss-protection: 0

POST
H2 204 rum Show response
wedonweb.com/cdn-cgi/ 0
180 B 43ms
42ms XHR
text/plain 2606:4700:20::681a:ff4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wedonweb.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ff4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://wedonweb.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type: application/json

Response headers

date: Fri, 01 Dec 2023 04:32:54 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://wedonweb.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 82e89be3e8f43674-FRA

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8510 43 B
215 B 118ms
118ms Image
image/gif 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d890162d-c2a1-3ef1-b639-c89ebc04a094&tv=%7Bc:vwjmgW,pingTime:-10,time:670,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701405174394%7C%7C319a91a9132458d7b63837c1b457aa0a%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7Ca72109f57bbd70fac695e08fc6d6abe4%7C%7C9c5c9ae1e03407dbd0bd7625ffcfe9f0%7C%7Cfd89b096e201220163fce1565fec0ecb%7C%7C96c2b73567474e6c30db2f43badad833%7C%7C27552bb9bbf2c7d9351a4c04092bc922%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:54 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 335ms
334ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 01 Dec 2023 04:32:54 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8510 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssj23Y0bUJBveeC8xLk20R2VgMGv1KvB9rlOuXTBh7nIDx35hS5aRd-TRtbxOFo68k4CRfscMDEb_wOg7copfkyXZA718p4nx4sM3LQBnO8ByGE4UVKhkBGK2WW27JkZH0NiIBg1HdvWAQH&sai=AMfl-YQFRObHBvJhPKeh2qiDv2OJJ7RzZAC0dgvtDDU6GTFHwfX_ld8xhaLN9Md4icybFLj09qHBl2sF5CvLtLEvRhT6JZo92Hg2D1g1jKKMi0mKPGBIQFSbobarU9C01ALOeC6gJLDcT5H-fr0dGfh8J2O_2FRAOq2jMpnB&sig=Cg0ArKJSzDda-IgvAGsBEAE&cid=CAQSTwDICaaNsZDRUcGHqg3dVCbNp7bKUrZPdyEuEPyZ5OAX5cJSUg_Y0j4rz5y_Dc69bzua__YfbrAMGS_v-aU6Pgw3D-o-vqLT8sIApISXxsUYAQ&id=lidar2&mcvt=1000&p=0,0,50,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1329324074&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701405173039&rpt=469&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B3C 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUEV5XqwZTRy9ha7c5uL-96iKCbkbiHCFVs04p5MxRK9zJ_OU3NlD-chHdA5ec4cGqdk9g8d4WFhUsPYZXJ2oVakY743vn3RoaZNCNlIGj7QXwZjfZrhKwCKPA_1TdB8N2cA2m78NzgObU&sai=AMfl-YQX6Zk4MdCwofnX9EQcJAm-N49zk1fkNhQDFdzS4HxjhKifGckMMHM0ynHSgsraeCGIO0lOWdEIQoEWRPRYbsq6ODSoSuP_suQ9HYkg5aeJgvA2v6E_OND9JO-5tw9-aZ7D9jmcnteuxa7gpncOAzEbX3NKYyXcaos&sig=Cg0ArKJSzDe2hlZRGR2AEAE&cid=CAQSTgDICaaNe8dWKcry5_s74ik6STP-2NtiSMQxMNmdzL29SsR-i9TJOg5uJP6_93dFUJKR9SAq9WLdmQuysOJa0ZnefwF0AH8r5P6FMgy6TRgB&id=lidar2&mcvt=1000&p=0,0,200,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2384634023&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701405172447&rpt=1139&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 12FB 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wedonweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 22585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Nov 2023 22:16:29 GMT
expires: Fri, 29 Nov 2024 22:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D050 829 B
559 B 51ms
51ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5dc0465d274e8d59e40aeea32dff2b00b5504d26afe8d015d5200e0b068e49b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fLkRuq_l95997fLeSQ3-dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wedonweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-fLkRuq_l95997fLeSQ3-dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 04:32:54 GMT
expires: Fri, 01 Dec 2023 04:32:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0BB4 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst37H_dAF9eclztIRXfsFKyqDso_e3r_C72DacCDmu_NR5W9geI1ZHCf1ajrfn6Pu-TTa3_uYo1Vuc7qNdSd_ANWnDrBWV0sirq0tO02R3nJh-yuEKQMai_iNy-YK0yaaYelMmJX9r6Ufe_&sai=AMfl-YSLyukAe_CZNJJoAypeVqlBYMa7qjoFRO_whNN-c1lEBCdAs5TKI2hIwzv29aOf4gMTdFj144JMDfZ7q68-1k4W99yeWGMDB1HLTugV7x3EMVD-aGdZqUk9Ll9oK9PghPGUNHRtfBFxcXK6iL3m44akOqutmxG1MTQE&sig=Cg0ArKJSzC7IcngbjHPXEAE&cid=CAQSTwDICaaNjETxyj1dog-EPlCJZpMcJZelNcdVF-3QkmfozLRbh9eXFVl0ZbuX5j7pbH0fBrXeQcYNBBkJ_na6QKOSX-u3i0VrSPSZ5ZohCyIYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=379,968,1000,1000,1000&tos=379,589,32,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701405173083&rpt=637&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 12FB 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 22:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 22:16:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D050 0
0 72ms
72ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=890380930197348&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 12FB 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iie4fw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 04:32:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8510 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3679685395393&version=m202309260101&ct=76&x=1&cor=8259020287920284000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
75ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=890380930197348&bg=!LyylLGPNAAY3kmNgF5I7ADQBe5WfOIRqZGqfVQragNGDBO-dy1GsbkG3lror6X3MJkmAJBuLQb_v1sF3QEPkJZHo5Pq1AgAAAFlSAAAACmgBBwoAN7e1-77A3PrzLlwdsokuY3TK0JVaIczL6agBcjsC6wps5SVzfNdY5bLUqyuKrhnFTslHTWJKq7aZAr1NkJfAgpwJ4VP62bzwRBz7QpEpP-w6jBP2POS7Y9SM6CaWMSfdTyArfBZ0lq1vL2NUf-a9FNl3rybbRi2U17PQufE3k1Aw-K9KN4ES5r41JHpsbkevdzs9cirhcgcUlNGbg5jI8oGsrfgOeAp2AnDPA-Xg3H4a6mOLhUZVOtQbiUOZoiXMB-2xiV8MPrHfslcsDgo5_HazQhAT4E7HrGPSeQri33770UiWnqGXw9gb44JOXdB38jhZXxSKVYPZoAYzLcyNSeM0QajwRH8yi-A_kM6XO82VveGk54Q97mjmg4pBHkRz-8pFyznvvRF38g-2-lo8XitZX5D3OayB8aiQPoVrdlz7vO3MJLR5igwZcV2-AnV_8RLpfLHVSyMHaMdRqnQuzYQETOzcPFGlOkYdDWKgk_JwQTSulqfiLwsHpRT7ctd9B_SHtoz1xz_GRH4PrsQYeblCATkHwNOnnNe9SMFPbMnCbpFtUwY1CrbJExJ3qSNGnYt6z9Q6qrGad-UCZpBmwM4UXAyz9YHPFJoDS2gnyGYrLee3r3fNnVA2Zu26OmYHSyyFMr4Cwd5SqVzJ6-elW06gkGFHfZSgOXjUjp8PiQQZDBO56MUrs2BX8qUe33mwu88Mum6iOtUXu5jc0PpDQyt4Ktr-f6I2MSKp-9qnxEnmXxBafPivJ4QzW6IePzGAdRHGOA-eFWMlr11anlGtCd7kgpAkhKuRzD6Zkq9QoGV0rJQ0qkVRgJQWgqFcIapKN5Rcz47KdCvy_GdTRv0Ptx01NyHfYsMq1F-XpbEgYjkqdgM1R_ESwrLrJBIn_R2oKu2AyWTCZcHQEL-W64srqjawAYwJnUJwNhA6tYIjxqRkwg2vVLqc_A844DQ1Bal6cQFAgDbhxu37oK8Cm5bnT7PL6b_pp60jLaF3t9HLPraE7SXx9dfceA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wedonweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8510 43 B
215 B 121ms
119ms Image
image/gif 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d890162d-c2a1-3ef1-b639-c89ebc04a094&tv=%7Bc:vwjmEh,pingTime:1,time:2117,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:50,t:26%7D,%7Bpiv:100,vs:i,r:,t:1114%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1003,o:1114,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1106~0,1~100%5D,as:%5B1107~300.50%5D%7D%7D,%7Bsl:i,t:1114,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:123,fm:tX9UIz2+11%7C12%7C13%7C141*.1627455-73523884%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:28,sis:262%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:55 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 8510 43 B
215 B 121ms
120ms Image
image/gif 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1627455&asId=d890162d-c2a1-3ef1-b639-c89ebc04a094&tv=%7Bc:vwjmEj,pingTime:1,time:2119,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:50,t:26%7D,%7Bpiv:100,vs:i,r:,t:1114%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1005,o:1114,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1106~0,1~100%5D,as:%5B1107~300.50%5D%7D%7D,%7Bsl:i,t:1114,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:123,fm:tX9UIz2+11%7C12%7C13%7C141*.1627455-73523884%7C1411%7C1412%7C1413%7C151%7C152%7C161%7C162,idMap:141*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:28,sis:262%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Dec 2023 04:32:55 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
wedonweb.com/	1970-01-20 16:36:45	Name: XSRF-TOKEN Value: eyJpdiI6IlhjemdDUWVaMWNqdUNBUFJNWHh1Vmc9PSIsInZhbHVlIjoiTzVjdExFL1Zvam5jazRTMkVPOFZaRDFlaTZkVzYxZE5KR3hUaHh2L3NTd1IzVGhPMEo2ZDZNZENxU3hNamNqK3lQa1crYUJSWVQvWW1UYnQ1cjc4aEp0ZmJ6UjJkOUViUVlhQWppaXJDUjdsdEl5eWpVNDZkakorNlNnUi9MN0ciLCJtYWMiOiIwNzZiZjU3MjNkOWQ1NTdmNzlkN2Q1YzBlOWFjYTdkMTgzNTZhZTJjMjk5YTMxYTdmN2VjNDhhYzdmYjQ3NGYyIn0%3D
wedonweb.com/	1969-12-31 23:59:59	Name: wedonweb_session Value: eyJpdiI6Ikl3Tm1XQzBEUzcyMGttV1BibFl6dEE9PSIsInZhbHVlIjoiM0RickxldmlraXFPczhYRHY0WXVSVmg5aHljL2FNT3hrVDRXTHMwdVFuMUdhem8xOVJiazZOVkx0UG0zVWxTdWRZWmI0QS9sOEtycmZYdjdpZUk5b2p1WGcyM1IxTTM0c3RwS0V2R2dZSlB4UHU5ZzFoN3hUTGJZcE1rQ0UwUGMiLCJtYWMiOiJiZjVhYzMwMWU0N2E0MzYxM2U4ZTgzMDE5YzhhMjY0NDBlMDE5NGU0M2IwMzFkM2JmZmI3ZGIwNWU1ZTNhZTA4In0%3D
.wedonweb.com/	1970-01-21 02:12:45	Name: _ga Value: GA1.1.1178966804.1701405172
.wedonweb.com/	1970-01-21 01:22:21	Name: cf_clearance Value: .aIST0_wgpt4rD82c5CpehBC59U0937AAtDtHA_ZMTc-1701405172-0-1-24914bd0.2162ea94.73901430-0.2.1701405172
.doubleclick.net/	1970-01-21 01:58:21	Name: IDE Value: AHWqTUklu0RMgnmCCPjOEb79gOu217vJUdJ4zTu-upNq1399MvHeyJX5_qUG6Zhg
.wedonweb.com/	1970-01-21 01:58:21	Name: __gads Value: ID=7d1c1ec225a15ac5:T=1701405172:RT=1701405172:S=ALNI_MZAPl2D_zAZ1RHQOzACFiQsC3s1pQ
.wedonweb.com/	1970-01-21 01:58:21	Name: __gpi Value: UID=00000cff9d6bb159:T=1701405172:RT=1701405172:S=ALNI_MZssfeb6YesXqJ6rc9XY3WtSk44Tg
.casalemedia.com/	1970-01-21 01:22:21	Name: CMID Value: ZWlh9eNhcF2NV7Q0POVpoQAA
.casalemedia.com/	1970-01-20 18:46:21	Name: CMPS Value: 3380
.casalemedia.com/	1970-01-20 18:46:21	Name: CMPRO Value: 3380
.doubleclick.net/	1970-01-20 20:55:57	Name: APC Value: AfxxVi7aGFWBzObpgH43zVHzAe3EV5P8Td_VJgCZCSYqvjis9GQXHw
.adnxs.com/	1970-01-20 18:46:21	Name: uuid2 Value: 5392815808779151671
.doubleclick.net/	1970-01-20 16:36:48	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 18:46:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImQwYdwl!@wnfH8K6pQK`!5=E<L5?%K-jFtOmY@>sK4Y=[clyl^r6%Te]:/`GnZ8w<ubpRzqF1`b`>M:8'
.wedonweb.com/	1970-01-21 02:12:45	Name: _ga_W4WYHCCXMC Value: GS1.1.1701405172.1.0.1701405173.59.0.0
.googleadservices.com/	1970-01-20 18:46:21	Name: ar_debug Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
omg.wedonweb.com
pagead2.googlesyndication.com
region1.analytics.google.com
s0.2mdn.net
static.adsafeprotected.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
wedonweb.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
142.250.185.194
142.250.185.226
142.250.186.130
185.89.210.20
2001:4860:4802:32::36
2600:1f18:1aca:4281:8bf8:4e32:1977:9bf2
2600:9000:223f:2200:8:48e:53c0:93a1
2606:4700:20::681a:ff4
2606:4700:20::ac43:4a63
2606:4700::6810:3865
2606:4700::6810:5614
2606:4700::6811:180e
2a00:1450:4001:803::2004
2a00:1450:4001:808::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::2006
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
2a00:1450:400c:c02::9a
99.81.22.6
009bdeb355f5cf4af8d7642dabb033d2878540b9ee163f18c6210a27e5a7b977
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02f0f703fbc39f74414c414357cd77d8f1e7c208a8d5380f1cf98d5768429b6e
058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb
07bcffab8f30f388bd61e0b941103b9da01b6c10aa9a6326ad29ab71a5d730df
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
2288902768c47e71b9938d3f37623c739ad9ecf44435ae719c220a3fd2ab67e5
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
286cbdea1c82ad8d82d6efbc4c55bb38e1f13d869937b571adaf619f8516b764
2b3d5cc9f678f41aa9ee0b49f9106a1f0bde7e039a89ba312ddcdd391d3dc654
2f1ae783e570bbddc7985c4fd7a6a9d3dd698a5989b6b2ca8aa0c7eb1b37e411
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3cb379880cd9aa9e2d4c2499037469450ac8cefc07de4907dd928782ad1051cd
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
436e1554c80aa4a1b2712f349598f422106c2fb4d6433b08f1df96446f7a5ea7
43c9555701d17579571d962cfee37868f4769995820a96abf451623b0528c92c
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
514ae53c0154c406b5d496d8d052e9901ca72d3f1879687b0040b533b2fa8042
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5dc0465d274e8d59e40aeea32dff2b00b5504d26afe8d015d5200e0b068e49b8
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d72ada13ea750a22288f38ba446837722fb36b66f4d96138339a5114265c88
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
69e1767c60e702480b7a4604f7a71a344e3e03caa6e21f6a352a9f63908dc500
6eeb0d31deb06d2e9100f909112f078f24885f6041f8fe1000f61af2bb19dc24
754573d61b9aa6ffbcc8dfdd9e9176bf7244f7a3799d5734d87dca8d1c602871
79faf678398f6a8d44f2730ce0788c358adedad7b2792cba1706b1490a0e4114
7ab6f04764ac69b358310373c6637991395ff52b74cf39f2e586838ed6fb1601
826acacd017df84b19b2ab471476280947c4eb0366b4ba0c323bf88c8ffbffbb
84647aa4504ea68201771de0c91c7103cccb26ac39b9dbad6c18a879b34dabce
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
95f5d9af5b985ea52f5a7e4290e1d5349b42bd37d227d44f5981dc951b157e78
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
aaaf0b2c3bd11afe20e1902624db617c2131b3272fabebd1160cb2f53dfb3750
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac5fec123183904e0207319d30845f69a560d4d7f4bb0f20d6262c9300414c7e
ace6c1d1cccc4686d29e81c0821be209d2e2d8b7ba44ee24649a698a5230f6ff
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e9ee05490624a6c9d99fac60d7fb1647935bdaa4ea3eb73f39fc4739a67782
b42672ac36cbea9c5e203367baeeda0dad071de392e1b60e2156fd19819705cc
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b7b00f50ad015948606e45be27aa33609fdb9615afba48358cb9cfd86711da83
bbde0fd637840b04806e70ee7610047e1cfe5568854929dc58c310a861d93ca6
beb58642cdf915ee1bcd6488e7b1ab23630c04f05a8e72a658f03e74defa7201
bf6edf2641b7ceef04b0d11554630bf01346d52bf9841f43b981601083d0f587
c190eb38a3f491bcbf96b136cf4a4ab534ac1293d37d9047fd77db6365c86682
c2bc67db5c848026757f093ae8b52af31a5a76b9baff1cf7df7f6648f1acdc8d
c868679a384546d80661e6085c6a40e95de3be2ad0487c56e116703ffd1850bf
ca0baed1700f35ecc342690da4052d4cd9774aa71a7fc76fda6e513884c380d7
ce56080747fb3b762486b9ccc59bc01f871c9647d354a1c27b52cdb73fc1bfe1
d2f824257da294a8d83cb79379fa6fcf125d1fbf8ab134ab8e0ef96c0403bee4
d3e4cdbb12defe352221c7446f538206d487f314187f7883e6f261d9246ab3af
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
ddfef1883718681942a3416dafc4bcf4f0e306d3b41e779b3912b6ddeaab4e94
e2dd58417d0565472f035946ac6652822e44abd52c0cb027845f1b414cb19ce6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e166567ad908883ca1d769c38b6f65959bb067295e5ea3c2f850ec5fa2b8d9
e7b8d433b88d210c6aeb414da6fc440f45c471fad1b5aaae9f0b66c50122c62b
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eccfe2dacabb31d8c37f0ea1e035b217fe04d7d1c79367b674e7009dd0361863
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa0efccd4e871361e09b65207c06e36126c749b9f143e04ba727a98160af619
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f5c054c8016575b91faed5b3204a87da2ca849f9a86c34dc7801360acdcc24a9
f67a2f74d6947813ce0fb33b888e74591079ab75d95a7dd1b581f3b863e8465d
f806155401e78aaeec86ad493af62328a69d5186cf5d0c508a1fcaf459a64c16
fdfad01a445cbda792fa87c1b079b9b6a969faf6bb598c2f9d69b89bbfb9bb5d

wedonweb.com Open in urlscan Pro 2606:4700:20::681a:ff4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

93 %HTTPS

77 %IPv6

17 Domains

26 Subdomains

26 IPs

5 Countries

1602 kBTransfer

3947 kBSize

16 Cookies

5 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wedonweb.com Open in urlscan Pro
2606:4700:20::681a:ff4 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

93 %
HTTPS

77 %
IPv6

17
Domains

26
Subdomains

26
IPs

5
Countries

1602 kB
Transfer

3947 kB
Size

16
Cookies

120 HTTP transactions
4 data transactions