fore-dnty-rtyj.sad-net-q8.buzz Open in urlscan Pro
2606:4700:3033::ac43:a3c2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
Submission: On May 04 via manual (May 4th 2022, 6:00:39 pm UTC) from SA — Scanned from DE

Summary HTTP 183 Redirects Links 79 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 22 domains to perform 183 HTTP transactions. The main IP is 2606:4700:3033::ac43:a3c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is fore-dnty-rtyj.sad-net-q8.buzz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 4th 2022. Valid for: a year.

This is the only time fore-dnty-rtyj.sad-net-q8.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2606:4700:303... 2606:4700:3033::ac43:a3c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
31	69.172.201.191 69.172.201.191	19324 (DOSARREST) (DOSARREST)
1	2a04:4e42::311 2a04:4e42::311	54113 (FASTLY) (FASTLY)
10	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
1	192.99.0.58 192.99.0.58	16276 (OVH) (OVH)
24	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:3800:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	69.192.161.152 69.192.161.152	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.86.105.134 52.86.105.134	14618 (AMAZON-AES) (AMAZON-AES)
33	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
5 6	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
9	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
183	30

14 2606:4700:3033::ac43:a3c2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fore-dnty-rtyj.sad-net-q8.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 69.172.201.191 (Canada)

ASN19324 (DOSARREST, US)

www.alarabiya.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::311 (United States)

ASN54113 (FASTLY, US)

gumlet.assettype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.0.58 (Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3800:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.161.152 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-152.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.105.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-105-134.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 119 tpc.googlesyndication.com — Cisco Umbrella Rank: 171	642 KB
31	alarabiya.net www.alarabiya.net — Cisco Umbrella Rank: 171112	524 KB
23	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 65	195 KB
14	sad-net-q8.buzz 1 redirects fore-dnty-rtyj.sad-net-q8.buzz	48 KB
12	criteo.net static.criteo.net — Cisco Umbrella Rank: 760 pix.eu.criteo.net — Cisco Umbrella Rank: 6356 csm.eu.criteo.net — Cisco Umbrella Rank: 6365	173 KB
9	addthis.com s7.addthis.com — Cisco Umbrella Rank: 2109 m.addthis.com — Cisco Umbrella Rank: 2040 api-public.addthis.com — Cisco Umbrella Rank: 4821	220 KB
8	google.com 5 redirects adservice.google.com — Cisco Umbrella Rank: 128 www.google.com — Cisco Umbrella Rank: 20	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 227	220 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	54 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	4 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 9640 ads.eu.criteo.com — Cisco Umbrella Rank: 6296 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 8670	43 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	176 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5351	914 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 11785 s4.histats.com — Cisco Umbrella Rank: 9447	5 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 341	5 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1354	201 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 2491	907 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 523	1 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1525	23 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 940	649 B
1	assettype.com gumlet.assettype.com — Cisco Umbrella Rank: 147811	18 KB
183	22

	Domain	Requested by
33	tpc.googlesyndication.com	googleads.g.doubleclick.net fore-dnty-rtyj.sad-net-q8.buzz tpc.googlesyndication.com pagead2.googlesyndication.com
31	www.alarabiya.net	fore-dnty-rtyj.sad-net-q8.buzz www.alarabiya.net
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net fore-dnty-rtyj.sad-net-q8.buzz
15	pagead2.googlesyndication.com	fore-dnty-rtyj.sad-net-q8.buzz pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
14	fore-dnty-rtyj.sad-net-q8.buzz	1 redirects fore-dnty-rtyj.sad-net-q8.buzz www.alarabiya.net
9	static.criteo.net	ads.eu.criteo.com
6	www.google.com	5 redirects tpc.googlesyndication.com
6	www.googletagservices.com	googleads.g.doubleclick.net
5	s7.addthis.com	fore-dnty-rtyj.sad-net-q8.buzz s7.addthis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	www.alarabiya.net googleads.g.doubleclick.net
3	api-public.addthis.com	s7.addthis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	fore-dnty-rtyj.sad-net-q8.buzz www.googletagmanager.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	pix.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	ping.chartbeat.net	fore-dnty-rtyj.sad-net-q8.buzz
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	static.chartbeat.com	fore-dnty-rtyj.sad-net-q8.buzz
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	fore-dnty-rtyj.sad-net-q8.buzz
1	gumlet.assettype.com	fore-dnty-rtyj.sad-net-q8.buzz
183	32

This site contains links to these domains. Also see Links.

Domain
www.alarabiya.net
www.alhadath.net
english.alarabiya.net
farsi.alarabiya.net
urdu.alarabiya.net
www.facebook.com
twitter.com
api.whatsapp.com
www.twitter.com
www.instagram.com
www.snapchat.com
www.youtube.com
www.telegram.me
www.linkedin.com
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-04` - `2023-01-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.alarabiya.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-10` - `2022-11-10`	a year	crt.sh
gumlet.assettype.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-08` - `2022-10-08`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
histats.com R3	`2022-04-19` - `2022-07-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
Frame ID: 157B30311E279E6576023FA672E171A5
Requests: 86 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20190131/zrt_lookup.html
Frame ID: 1F69567BDD3BE48339277F36204DB749
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&adk=1812271804&adf=3025194257&lmt=1651687228&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228182&bpp=3&bdt=176&idt=166&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3991584096787&frm=20&pv=2&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182
Frame ID: C8C768346F25DAC40F17F93682204D27
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=600&slotname=5914239063&adk=2628446172&adf=41369079&pi=t.ma~as.5914239063&w=300&lmt=1651687228&psa=0&format=300x600&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228185&bpp=1&bdt=179&idt=182&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=-200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CniCGruPDj&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=189
Frame ID: 1BFB275D63354C29C6AC9C23B030C07C
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=280&slotname=6456950493&adk=2924068312&adf=2281059226&pi=t.ma~as.6456950493&w=1200&fwrn=4&fwrnh=100&lmt=1651687228&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228508&bpp=11&bdt=502&idt=11&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GldSzAzPE6&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=15
Frame ID: 6D4AEC7A1F301267913F3563CAD3A043
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=280&slotname=5770006049&adk=2469541264&adf=640048489&pi=t.ma~as.5770006049&w=706&fwrn=4&fwrnh=100&lmt=1651687228&rafmt=1&psa=0&format=706x280&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228531&bpp=14&bdt=525&idt=14&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C1200x280&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mx1icGSbP1&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=17
Frame ID: 9A4C0D6091E0CC337CB442525A13DE31
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=280&slotname=3143842704&adk=3857897314&adf=3101209253&pi=t.ma~as.3143842704&w=706&fwrn=4&fwrnh=100&lmt=1651687228&rafmt=1&psa=0&format=706x280&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228551&bpp=1&bdt=545&idt=1&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C1200x280%2C706x280&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=aEW9lwBhfq&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=4
Frame ID: 75C1266A4217C98708B0DBA2D6413D9E
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 53A8E719543E086F06A14E1C672DAF89
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 39785FAF93D497D6D8E35D335BA55B40
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnK_PAAIs4EKmpcNAA5XAUb6Wcf7MMHXTLczew&u=%7CqV4xStgj3ftqzPRQvUZCTjkbOrMvzD1pqO2bvMyNP%2Fs%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl5wdET7w9LynqxZ2q2b6eyvATEkK-dB2iRSA7NxMilhlpW3kGtCeb94GabdqrQbkYXw7ioddBLNoeMP8UFDQA4LsxleBxn7sFkBJ4Ze024PhT5x6AK1TXqhKutKMcIkV3zgXd7AYp2nAH8M7AZmV2u1vmQ6BaU1ZXSuRSXnpXMGnVi62_nlMWVsbubDVTK7QhS609sdHfRgv3HB4SsuGCwQVkTlnZU6z1BVSmUTlzcz3NAO0499yOLx-LRtUtDYgP2zQqKGad0akqnszxlI6fW-WgQPnJ8o-R4RRJSLEKJEskoD7IV07l3whgiZRnCa_2aEAJ7jZMssjRCOobDyiHtNMeYGLK_w0avY6JOFys5rWqqkqa790cASZ2v-rr9HsRPSUiyRW2sPRf2d3OdZJjy_yh-rcHSf3_8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6DKbPL9yYoHnIo2u6gSBrrmAAcme0rFcvfGU93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMzQyODY5OTk2MjUyNjg1oAHVttLqA8gBCakCBx2cGeCrsT6oAwGqBIsCT9D-Vo7aHqVLD4aaYjNC0uVjEC1aGdb34ktz2dv8tt_ZjoYZFcmEMs-OERk6_VVRtqGKkBDzcWSbe4bcREK_yyT3Kesf3NH-lT3AqNN6_Rkm_3uvYCQf4UtFMWPTe8Cbb_wzyFqAID0UpNEltXuerqYHW2LsMvHE3-N37orfMhYMdivJFEtLVDMbKkKRgkrNg0qJigdT-e8FZvfBF-1vW-lqW_z6JNbH8gyeHk2vVLGpu2HsHvQL3TbAu4dg2f6U0w8Y9ugXHFxZ6ZhT17d-HR1Z4kzZUZnEH5Gb2tNEzeZZcgnDWyMiK-Q_5DneMEysxBHwrLyWR5e24Nkt84sT1s8MIx5BGoMDUMZfgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_250SyUz4vgvvJlkdDAnUvypk0gAQ%26client%3Dca-pub-3342869996252685%26adurl%3D
Frame ID: 27DB44D748998A88E039E55AC899C5D9
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html
Frame ID: 3130AD5C6A6E0C2E028DBB8335E0431B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CkZALPL9yYoqsJKON78EP-5m-yAa81Zbxaf7147DmD-OQxd2EMBABIOCpx0BglQKgAcXqmbkCyAEJqQKa-4FY4rCxPqgDAcgDSKoEmQJP0I5y-Oaaxx-8U8eoISNVCZTWJj1YW06oeQ47pQoOFBUQP8VVtA-b1sqGH4MntGt7UCaJbBj199B_nh3RYDw_vwy24NcBjO03Wrj129HPt2P9E0m5t2hQwkqTzdWSOZLMS9WKRc40bsUhpbzUgSFyu35VwTGMXJMVx8OC5p1ZnNaB2i1fIF2hG5c-1WTS_uX9TS40caItRVo8qGG4dxF9Bufsm5NkG9GQkdL5iOHYJ65YShUaD516-CwHjXmw0XD7VLhG4pbU1NjyrQRZiyzEOz25NeAjTPQGEfEMTFAvwvV4eUizOMM-sN3OHqKhrhgWwX15G1nsIuy5gw295278Ne2WszpuYo4dtSQYQr_iPbi0PU7TDp1HfcAE4rjlxoAEoAYugAejlebGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP3SBdIICQiA4YAQEAEYH4AKAcgLAdgTA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMzQyODY5OTk2MjUyNjg1GAA&sigh=53orVQpvDh0&uach_m=[UACH]&template_id=419
Frame ID: 9EF2208333F9F88ADD8A0F3D2231558F
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html
Frame ID: 05141917577AD936C80C82495907EF7E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CNTjQPL9yYrr2I_TAmQaa35y4CrzVlvFp_vXjsOYP45DF3YQwEAEg4KnHQGCVAqABxeqZuQLIAQmpApr7gVjisLE-qAMByANIqgSYAk_QbpYaUKjNyDazwrMc4afUimMfl9rJSrFA1riP9m9jyYaGi1jpM1GGdajjNUpN0shCfLlrMsrUGoPRQuWp1wejjw4Oe0_9wIMFC2ph4PciHrQfO_VX9NScSgZls80TAZP9C0w3seUQYEw6wlkO0WTuThrkvZFFnv52WEBhcNK1Wdx8j_9J9pNB85v7S-BiToTPLYYTfr_E5tVvrlsoZvyE9tGlwXV2shXM7Q8P7F-CuF3D4fJb5JcGmSJQ-Xfn4dKlDB3uH-eaErriE1ORGHfr1173ZeCmShK3oBimW2xpn_5Aal6M1_DBy5eHrIj5GqHg_c75QAb2n4CSP3wxtkRe-8zTcJ-I0mjf56wrazKLfjOlhzI0y13ABOK45caABKAGLoAHo5XmxgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCtnwTSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItMzM0Mjg2OTk5NjI1MjY4NRgA&sigh=zJAYrtSrPr8&uach_m=[UACH]&template_id=419
Frame ID: DC559B70A62F04A05A342180F3A9987B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FA4FBB1210A918B8173C9D84929D7462
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A43513B70FE154806B70F9524AD13F38
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3342425284FB970F8FAA35E4BA963FA5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3837333106D5273B528E029C5B442054
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1
Frame ID: D49D8080C058EDE50100F23205469DB1
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E0348C6E0695A6F14C1D09C8E371C303
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 62E4B1E74A47711FB8EC153600ABD080
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E341C070662D5211178BAC34DE4A966A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
Frame ID: 39DAB7B523B9A4888B6A084BABCE98BF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
Frame ID: 0DBEA8066D58379CD00589BD818FD72A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8F72B829ADBCE6533201384CD12CD85A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4D03C98560838C32FB146FD2C9E66557
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

بأمر الملك.. إقالة رئيس مطارات جدة ريان طربزوني وتشكيل لجنة تحقيق بالفسادFacebookTwitterAddThisWhatsAppTelegramFacebookTwitterAddThisWhatsAppTelegram

Page URL History Show full URLs

https://fore-dnty-rtyj.sad-net-q8.buzz/jorg HTTP 301
https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Page URL

Detected technologies

AddThis (Widgets) Expand

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Page Statistics

183
Requests

95 %
HTTPS

66 %
IPv6

22
Domains

32
Subdomains

30
IPs

4
Countries

2373 kB
Transfer

10399 kB
Size

22
Cookies

79 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alarabiya.net/qafilah.html
Title: القافلة

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/min-alharamain.html
Title: من الحرمين

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/fm
Title: العربية FM

Search URL Search Domain Scan URL

URL: https://www.alhadath.net/
Title: الحدث

Search URL Search Domain Scan URL

URL: https://english.alarabiya.net/
Title: English

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/
Title: عربي

Search URL Search Domain Scan URL

URL: https://farsi.alarabiya.net/
Title: فارسي

Search URL Search Domain Scan URL

URL: https://urdu.alarabiya.net/
Title: اردو

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/ar
Title: الرئيسية

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/latest-news
Title: الأخبار

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/arab-and-world/gulf
Title: الخليج العربي

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/arab-and-world
Title: العرب والعالم

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/arab-and-world/syria
Title: سوريا

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/arab-and-world/yemen
Title: اليمن

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/north-africa
Title: المغرب العربي

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/arab-and-world/egypt
Title: مصر

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/arab-and-world/american-elections-2016
Title: أميركا

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/iran
Title: إيران

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/arab-and-world/iraq
Title: العراق

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/saudi-today
Title: السعودية

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/1300GMT
Title: الرابعة

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/saudi-today/views
Title: الآراء

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/aswaq
Title: أسواق

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/aswaq/news
Title: آخر الأخبار

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/aswaq/special-stories
Title: قصص اقتصادية

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/aswaq/financial-markets
Title: أسواق المال

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/aswaq/economy
Title: اقتصاد

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/aswaq/realestate
Title: عقارات

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/aswaq/oil-and-gas
Title: طاقة

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/aswaq/travel-and-tourism
Title: سياحة

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/aswaq/videos/inshort
Title: باختصار

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/aswaq/videos
Title: نشرات اقتصادية

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/sport
Title: رياضة

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/alarabiya-videos
Title: العربية TV

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/alarabiya-today
Title: فيديو

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/alarabiya-media
Title: العربية ميديا

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/programs
Title: البرامج

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/variety
Title: منوعات

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/medicine-and-health
Title: صحة

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/technology
Title: تكنولوجيا

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/social-media
Title: سوشيال ميديا

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/culture-and-art
Title: ثقافة وفن

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/fashion-beauty
Title: ستايل

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/science
Title: علم

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/views
Title: مقالات

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/last-page
Title: الأخيرة

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/coronavirus
Title: فيروس كورونا

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/qafilah
Title: القافلة

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/podcast
Title: بودكاست

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/arab-and-world/sudan
Title: روسيا وأوكرانيا

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/ar/tools/kickers?kicker=%D8%A7%D9%86%D9%81%D8%AC%D8%A7%D8%B1%20%D8%A8%D9%8A%D8%B1%D9%88%D8%AA
Title: الأزمة الليبية

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/programs/khota7
Title: على خطى العرب

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/programs/interactions
Title: تفاعل com

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/programs/direct-question
Title: سؤال مباشر

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://fore-dnty-rtyj.sad-net-q8.buzz/jorg&quote=%D8%A8%D8%A3%D9%85%D8%B1%20%D8%A7%D9%84%D9%85%D9%84%D9%83..%20%D8%A5%D9%82%D8%A7%D9%84%D8%A9%20%D8%B1%D8%A6%D9%8A%D8%B3%20%D9%85%D8%B7%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%AC%D8%AF%D8%A9%20%D8%B1%D9%8A%D8%A7%D9%86%20%D8%B7%D8%B1%D8%A8%D8%B2%D9%88%D9%86%D9%8A%20%D9%88%D8%AA%D8%B4%D9%83%D9%8A%D9%84%20%D9%84%D8%AC%D9%86%D8%A9%20%D8%AA%D8%AD%D9%82%D9%8A%D9%82%20%D8%A8%D8%A7%D9%84%D9%81%D8%B3%D8%A7%D8%AF

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://fore-dnty-rtyj.sad-net-q8.buzz/jorg&text=%D8%A8%D8%A3%D9%85%D8%B1%20%D8%A7%D9%84%D9%85%D9%84%D9%83..%20%D8%A5%D9%82%D8%A7%D9%84%D8%A9%20%D8%B1%D8%A6%D9%8A%D8%B3%20%D9%85%D8%B7%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%AC%D8%AF%D8%A9%20%D8%B1%D9%8A%D8%A7%D9%86%20%D8%B7%D8%B1%D8%A8%D8%B2%D9%88%D9%86%D9%8A%20%D9%88%D8%AA%D8%B4%D9%83%D9%8A%D9%84%20%D9%84%D8%AC%D9%86%D8%A9%20%D8%AA%D8%AD%D9%82%D9%8A%D9%82%20%D8%A8%D8%A7%D9%84%D9%81%D8%B3%D8%A7%D8%AF

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%D8%A8%D8%A3%D9%85%D8%B1%20%D8%A7%D9%84%D9%85%D9%84%D9%83..%20%D8%A5%D9%82%D8%A7%D9%84%D8%A9%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%20%D8%A7%D9%84%D8%AA%D9%86%D9%81%D9%8A%D8%B0%D9%8A%20%D9%84%D8%B4%D8%B1%D9%83%D8%A9%20%D9%85%D8%B7%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%AC%D8%AF%D8%A9%20%D8%A7%D9%84%D9%85%D9%87%D9%86%D8%AF%D8%B3%20%D8%B1%D9%8A%D8%A7%D9%86%20%D8%B7%D8%B1%D8%A8%D8%B2%D9%88%D9%86%D9%8A%20https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%23.YnI_kFUnTxA.whatsapp

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/saudi-today/videos
Title: نشرة الرابعة

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/sport/saudi-sport
Title: رياضة سعودية

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/sport/arab-sport
Title: رياضة عربية

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/sport/international-sport
Title: رياضة عالمية

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/sport/other-sport
Title: رياضات أخرى

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/sport/views
Title: الآراء

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/politics
Title: آراء سياسية

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AlArabiya/

Search URL Search Domain Scan URL

URL: https://www.twitter.com/AlArabiya/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/alarabiya/

Search URL Search Domain Scan URL

URL: https://www.snapchat.com/discover/Al-Arabiya/0445020355

Search URL Search Domain Scan URL

URL: https://www.youtube.com/alarabiya/

Search URL Search Domain Scan URL

URL: https://www.telegram.me/alarabiya/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/alarabiya/

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/applications.html
Title: تطبيقات العربية

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/tools/mrss
Title: خدمة RSS

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/tools/privacy-policy
Title: سياسة الخصوصية

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/service-provider
Title: مزودو الخدمة

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/tools/%D8%AD%D9%88%D9%84-%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%D8%A9
Title: حول العربية

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/alarabiya-frequencies
Title: ترددات العربية

Search URL Search Domain Scan URL

URL: https://www.alarabiya.net/tools/contact-us
Title: اتصل بنا

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fore-dnty-rtyj.sad-net-q8.buzz/jorg HTTP 301
https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 125

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 126

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 172

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 174

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

183 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fore-dnty-rtyj.sad-net-q8.buzz/jorg/
Redirect Chain

https://fore-dnty-rtyj.sad-net-q8.buzz/jorg
https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

55 KB
11 KB

65ms
64ms

Document
text/html

2606:4700:3033::ac43:a3c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:a3c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3bb2af50f04c6463df72ccf8d4a38830c16437bbb16f2fdaafa78dce3a5d7767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 706322d6ae8c905b-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 18:00:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOIrlKuj8VG1OoHxSxJpQ8g74PycJWhUUuPx5BKdPEfQaxrb8UYQxXWU4XyXKGl7WtjJimVab0Bn4Blm6XUTuNlCsYDvk9tvIfDyLoDXN3%2BMYot%2BWT%2B5X2EXClJYbKCWNjVHooaRT%2FItOnPqvq9GzH0cgPQpCyIEzSr6CPs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 706322d64d9e905b-FRA
content-type: text/html; charset=iso-8859-1
date: Wed, 04 May 2022 18:00:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRUNsvKnAVvp8wdg5dsywgOdwTs947UNMoseuIndz4B%2B%2B0YkT0e4U6YHZ20gTksSA8%2BvHo%2Fj5Um4is%2BFOmmHC8oPoy28PzAvp2jJHKTbqQ6i1Ek9MMmHJHlUaAAHzOwLLwY98j%2BNBuYLxd8VGC3KWhutIk%2F%2BU6lGLwhtQkg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 158 KB
55 KB 102ms
49ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ca7ebd324e095c83ebf4d7fe2f52cea4cf6d640a947d441cd77bdfee4e31da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55912
x-xss-protection: 0
server: cafe
etag: 2242824507803106829
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 04 May 2022 18:00:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
41 KB 84ms
32ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-152745701-1

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f33bf010d8eb067bc7154a364b667d781b02434b4b492f6c46c67a7355579d95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41791
x-xss-protection: 0
expires: Wed, 04 May 2022 18:00:28 GMT

GET
H2 200 font-faces.css
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/ 3 KB
818 B 115ms
32ms Stylesheet
text/css 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/font-faces.css?random=0202

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

972d11a37ee1c0d87539f9f52bfaa7d0edc47b0eb184d004b226b3c511a0516e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
vary: Accept-Encoding
content-length: 523
x-xss-protection: 1; mode=block
x-dis-request-id: 4c4b9e8e780433a17f4055fd42d6a27a

GET
H2 200 structure.css
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/ 761 KB
86 KB 145ms
63ms Stylesheet
text/css 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/structure.css?random=0202

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

86b37c93e9cb475a61caf7b565e6c277c2345d415d245528edbb67115b9909d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
vary: Accept-Encoding
content-length: 87645
x-xss-protection: 1; mode=block
x-dis-request-id: a6c1caa8518dce748aa0d0092915ecc3

GET
H2 200 app.css
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/ 88 KB
20 KB 177ms
95ms Stylesheet
text/css 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/app.css?random=0202

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

7ad38d5bd96af2200a29be553bada45ac5fc481733157cd2273e0104afad7867

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
vary: Accept-Encoding
content-length: 20218
x-xss-protection: 1; mode=block
x-dis-request-id: 3249ccaf950e4750d32a462caad6008b

GET
H2 200 ar.typography.css
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/ 702 KB
26 KB 177ms
96ms Stylesheet
text/css 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/ar.typography.css?random=0202

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

f0316d11780ec6e4607d7abe21657d0e102a9c9d53ad154f7f2c455c7b4366f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
vary: Accept-Encoding
content-length: 26554
x-xss-protection: 1; mode=block
x-dis-request-id: ae1891cad295fe04cfb030eec022a3e7

GET
H2 200 master.theme.css
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/ 2 MB
91 KB 177ms
96ms Stylesheet
text/css 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

4dca96b985bc05db945f78d9e7a72563c51c4b9a089249131b8d5c1c8d52b206

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
vary: Accept-Encoding
content-length: 92778
x-xss-protection: 1; mode=block
x-dis-request-id: ec30104b55f9253005458e0c77536d72

GET
H2 200 section.theme.css
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/ 496 KB
13 KB 177ms
96ms Stylesheet
text/css 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/section.theme.css?random=0202

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

cf6c8f051e72ba8ac08d7db5044e85c28620855da5963c1cb4bf21621c9a6e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: text/css;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
vary: Accept-Encoding
content-length: 13001
x-xss-protection: 1; mode=block
x-dis-request-id: 924235a6ae893a3b1b70a8867e2b522d

GET
H3 200 invisible.js Show response
fore-dnty-rtyj.sad-net-q8.buzz/cdn-cgi/challenge-platform/h/g/scripts/ 43 KB
16 KB 47ms
45ms Script
application/javascript 2606:4700:3033::ac43:a3c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fore-dnty-rtyj.sad-net-q8.buzz/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651687200

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a3c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b4ae543a1ef63a816f31ebfec1c98295960f5708ce9b6803f7a1d2193a72eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3aB3gYUA1siHPrmLZz8VFdr%2BsW%2Fe5%2BIf7%2B1d9DIyaJUIt2eWJaEktUq%2F3CrLMTQjHVhAIYoxr5hF1DgXVva6bcB7pCbfPpDGJRQaGphoOCTJ4cnYn65p47QJcbAwcBUTHJgHIPAgHPkeNN1CBGy3mTnGiYqqIVhJqmVSqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 706322d74fd46933-FRA
vary: Accept-Encoding

GET
H2 200 sabq%2F2022-04%2F9dd6b709-619b-4207-ae28-d02b52d9911d%2Fnews_010820_saudi_king.jpg
gumlet.assettype.com/ 17 KB
18 KB 96ms
18ms Image
image/webp 2a04:4e42::311
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gumlet.assettype.com/sabq%2F2022-04%2F9dd6b709-619b-4207-ae28-d02b52d9911d%2Fnews_010820_saudi_king.jpg

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::311 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b69acb4779e6931ad8220e8bb7125f445b0e8806083d51daafe6ed46b83e04ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-gumlet-pc: MISS
date: Wed, 04 May 2022 18:00:28 GMT
via: 1.1 varnish
nel: {"report_to": "gumlet-nel", "max_age": 604800, "success_fraction": 0.01, "response_headers":["content-length"] }
x-gumlet-reqid: 62673ad1bbd5077fb3f55a47
age: 754794
x-gumlet-oc: HIT
x-cache: HIT
access-control-max-age: 1728000
x-gumlet-runtime: 0.118
strict-transport-security: max-age=31557600
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17508
x-served-by: cache-hhn4063-HHN
x-timer: S1651687228.117112,VS0,VE0
etag: 62d0df24e1d50a80
vary: accept
report-to: {"group": "gumlet-nel", "max_age": 604800, "endpoints": [{"url": "https://nel.gumlytics.com/report"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=8640000, s-maxage=31536000
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-cache-hits: 32

GET
H2 200 app.bundle.js Show response
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/ 2 MB
224 KB 76ms
76ms Script
application/javascript 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/app.bundle.js?random=0202

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

137556c04d6d60e1f073b86898b8707e06f17c3a5fef22f9ca7753f6d3e68a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
vary: Accept-Encoding
content-length: 229277
x-xss-protection: 1; mode=block
x-dis-request-id: 036f8ae801a3021498222572dde4d2a0

GET
H2 200 js_cleverTapEvnets.js Show response
www.alarabiya.net/.resources/aa-fe-templating/webresources/js/ 13 KB
2 KB 77ms
76ms Script
application/javascript 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/js/js_cleverTapEvnets.js?random=0202

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

1fd529707fc7a6e248c99e099061a9899e32d5d53d94fb30213307240d92b7d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
vary: Accept-Encoding
content-length: 1775
x-xss-protection: 1; mode=block
x-dis-request-id: 802bc2c97695135c834ffb747cc9a057

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 108ms
25ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 04 May 2022 18:00:28 GMT
x-host: s7.addthis.com
content-length: 116376

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 104ms
22ms Script
application/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:53:41 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: application/javascript; charset=UTF-8
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 970328491

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 52 B
186 B 326ms
106ms Script
text/html 192.99.0.58
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4651964&@f16&@g1&@h1&@i1&@j1651687228139&@k0&@l1&@m%D8%A8%D8%A3%D9%85%D8%B1%20%D8%A7%D9%84%D9%85%D9%84%D9%83..%20%D8%A5%D9%82%D8%A7%D9%84%D8%A9%20%D8%B1%D8%A6%D9%8A%D8%B3%20%D9%85%D8%B7%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%AC%D8%AF%D8%A9%20%D8%B1%D9%8A%D8%A7%D9%86%20%D8%B7%D8%B1%D8%A8%D8%B2%D9%88%D9%86%D9%8A%20%D9%88%D8%AA%D8%B4%D9%83%D9%8A%D9%84%20%D9%84%D8%AC%D9%86%D8%A9%20%D8%AA%D8%AD%D9%82%D9%8A%D9%82%20%D8%A8%D8%A7%D9%84%D9%81%D8%B3%D8%A7%D8%AF&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:175665339&@b3:1651687228&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.0.58 , Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500326.ip-192-99-0.net
Software: /
Resource Hash: abd28e261ddb6673671a22c9f96e2eb9c29c0f179675a0874ca9c6f2d3a587a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date: Wed, 04 May 2022 18:00:28 GMT
Connection: close
Content-Length: 52
Content-Type: text/html;charset=UTF-8

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 86ms
38ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q3XGLYLVNM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152745701-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9c3874141e5a252554e5ab77dc7f14724b1f2076d1be5bf8cd46e713bd81229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67637
x-xss-protection: 0
expires: Wed, 04 May 2022 18:00:28 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/ 308 KB
110 KB 98ms
54ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3342869996252685&plah=fore-dnty-rtyj.sad-net-q8.buzz

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b7f1ec92f504dd6c2ce7b47177fac22d3bdced8cb212f4decb19d7908d2b298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112666
x-xss-protection: 0
server: cafe
etag: 13030507778495400813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 04 May 2022 18:00:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220502/r20190131/ Frame 1F69 10 KB
5 KB 70ms
21ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220502/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 19:56:32 GMT
etag: 1428802124239944296
expires: Tue, 17 May 2022 19:56:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 87ms
31ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/app.css?random=0202

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 May 2022 17:07:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 04 May 2022 18:00:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 May 2022 18:00:28 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
173 B 80ms
29ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Q3XGLYLVNM&gtm=2oe520&_p=2098763455&_z=ccd.tbB&cid=1157342385.1651687228&ul=en-us&sr=1600x1200&_s=1&sid=1651687228&sct=1&seg=0&dl=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&dt=%D8%A8%D8%A3%D9%85%D8%B1%20%D8%A7%D9%84%D9%85%D9%84%D9%83..%20%D8%A5%D9%82%D8%A7%D9%84%D8%A9%20%D8%B1%D8%A6%D9%8A%D8%B3%20%D9%85%D8%B7%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%AC%D8%AF%D8%A9%20%D8%B1%D9%8A%D8%A7%D9%86%20%D8%B7%D8%B1%D8%A8%D8%B2%D9%88%D9%86%D9%8A%20%D9%88%D8%AA%D8%B4%D9%83%D9%8A%D9%84%20%D9%84%D8%AC%D9%86%D8%A9%20%D8%AA%D8%AD%D9%82%D9%8A%D9%82%20%D8%A8%D8%A7%D9%84%D9%81%D8%B3%D8%A7%D8%AF&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q3XGLYLVNM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 18:00:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fore-dnty-rtyj.sad-net-q8.buzz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 70ms
21ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152745701-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1538
date: Wed, 04 May 2022 17:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 04 May 2022 19:34:50 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
649 B 83ms
29ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fore-dnty-rtyj.sad-net-q8.buzz&callback=_gfp_s_&client=ca-pub-3342869996252685

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3342869996252685&plah=fore-dnty-rtyj.sad-net-q8.buzz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

f343bdb1dc0aa3ace1a1e11fdd64d943e041848acff442c421aac39d0127c6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 83ms
28ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fore-dnty-rtyj.sad-net-q8.buzz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 75ms
29ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fore-dnty-rtyj.sad-net-q8.buzz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C8C7 232 KB
63 KB 494ms
454ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&adk=1812271804&adf=3025194257&lmt=1651687228&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228182&bpp=3&bdt=176&idt=166&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3991584096787&frm=20&pv=2&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=182

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12a7b53f0b78dfbe4b55ef8ac0e7d184c4aca7044907a0275260efe2374b8dbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 64514
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 18:00:28 GMT
expires: Wed, 04 May 2022 18:00:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1BFB 65 KB
21 KB 390ms
360ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=600&slotname=5914239063&adk=2628446172&adf=41369079&pi=t.ma~as.5914239063&w=300&lmt=1651687228&psa=0&format=300x600&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228185&bpp=1&bdt=179&idt=182&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=-200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CniCGruPDj&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=189

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f673948b0faf2ab0964a2487ad6979f8f6e3991f4dc38d726ec9b68a60a6fcc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 21161
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 18:00:28 GMT
expires: Wed, 04 May 2022 18:00:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 217 KB
69 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8PZ4D&l=adStat

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

481ec15e1eb959f91e1b09227920513f34df00ff761ff1df9b0e289f441e349f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70266
x-xss-protection: 0
expires: Wed, 04 May 2022 18:00:28 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 68 KB
23 KB 104ms
22ms Script
application/x-javascript 2600:9000:2156:3800:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 39ce831c2d42884a6bc694df10253f7d52b9e6c18c9e92b7ee5b00ba7ad0c14d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 16:14:48 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 00:10:52 GMT
server: nginx
age: 6340
etag: W/"625f4f8c-110d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: hjpYgO8GE2kGtzFCvpoza5wctYNciQ1jeOMUuhoBqkpvCANKBSrYAg==
expires: Wed, 04 May 2022 18:14:48 GMT

GET
H2 200 icon-language.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 25 KB
25 KB 40ms
40ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-language.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

21cde34053d13b6f5c6ef7c04fb616c7df953591f475428584f55d2ee7ab8547

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 25265
x-xss-protection: 1; mode=block
x-dis-request-id: dbcad413673626621d7e418f4ebcf70c

GET
H2 200 icon-chevron-down.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 387 B
651 B 40ms
37ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-chevron-down.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

4e49c0db8fe5c52ddc31a2df0bb613c7cbe3c69a564f74cbffc7dda78d122ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 387
x-xss-protection: 1; mode=block
x-dis-request-id: 2b4ad9cc78e072c6eed5c26afe745bb1

GET
H2 200 logo@2x.png
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/gfx/logo/ 8 KB
8 KB 40ms
38ms Image
image/png 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/gfx/logo/logo@2x.png

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/structure.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

500262eae1ee1af01a018fc6ba8d47d9b7f00146668ec4a4d624ce2e112a8f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/structure.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/png;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 8217
x-xss-protection: 1; mode=block
x-dis-request-id: 609575ab90d88f9690f64dc8aa134202

GET
H2 200 icon-search-arabic.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 435 B
699 B 41ms
38ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-search-arabic.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

2c14b2615cb95d0eb73503fee2d91f4ec21926e28b9ba71898179020e9bb69dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 435
x-xss-protection: 1; mode=block
x-dis-request-id: 9ddb8a68ecba7a60d94d1ea7276f59be

GET
H2 200 icon-day-mode.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 1 KB
2 KB 51ms
49ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-day-mode.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

32bd9710b41bc7d8e44a972f53113dfcd580bb252d4eea5c8649cfc717db6b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 1397
x-xss-protection: 1; mode=block
x-dis-request-id: d0ef345b6c35c4598581cbdda9cd1710

GET alarabiyaBoutros2020-Bold.woff2
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/ 0
0

GET alarabiyaBoutros2020-Regular.woff2
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/ 0
0

GET alarabiyaBoutros2020-Light.woff2
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/ 0
0

GET NotoNaskhArabic-Bold.woff2
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/ 0
0

GET
H2 200 icon-night-mode.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 530 B
794 B 49ms
49ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-night-mode.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

d0fc97aadf3487ba739c96f3959bc6215760eedab71882aaf775f052be0c45ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 530
x-xss-protection: 1; mode=block
x-dis-request-id: 9e3ec8eda36def545f181b68a8f437fe

GET
H2 200 icon-live.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 490 B
755 B 49ms
49ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-live.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

d539a6bdc5528f1d3b0f0cdbbd3d19db0a3d6c94416ab7b7e9bd575575adb574

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 490
x-xss-protection: 1; mode=block
x-dis-request-id: b7b827568999bc84450795b283e366e3

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D4A 23 KB
10 KB 174ms
172ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=280&slotname=6456950493&adk=2924068312&adf=2281059226&pi=t.ma~as.6456950493&w=1200&fwrn=4&fwrnh=100&lmt=1651687228&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228508&bpp=11&bdt=502&idt=11&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GldSzAzPE6&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f736fc7d51db738e8cd31109c15620a90d7b864f00e35100cc2859c5a8fdeac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9782
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 18:00:28 GMT
expires: Wed, 04 May 2022 18:00:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 icon-facebook-rgb.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 818 B
1 KB 32ms
31ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-facebook-rgb.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

fcb871bfa7ae1daf23bcfb549938bff3ef1075a96e63d2a15397614a6691d3f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 818
x-xss-protection: 1; mode=block
x-dis-request-id: eef6001236494e607c80aef9bcf6c9c4

GET
H2 200 icon-twitter-rgb.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 1 KB
2 KB 33ms
32ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-twitter-rgb.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

9c7a6a0a10501df413e51ac24dfb427b3e6c04bb36c3a366f7b8cd4a73663bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 1450
x-xss-protection: 1; mode=block
x-dis-request-id: afa21a2c548c18f08457fd666319188a

GET
H2 200 icon-telegram-rgb.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 879 B
1 KB 33ms
32ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-telegram-rgb.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

27acb3b4f9ccc152e5fc95d294e23559f1a7d5994971e4ece6c2d1cbc44acb84

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 879
x-xss-protection: 1; mode=block
x-dis-request-id: 0b93985929057f9d78747ff5776b30ff

GET
H2 200 icon-whatsapp-rgb.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 1 KB
1 KB 33ms
33ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-whatsapp-rgb.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

b23ffd4ae2cd04bc4d22d0b99275fa7c5d663f3637580e0799b745070934250c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 1252
x-xss-protection: 1; mode=block
x-dis-request-id: 2960e37ebc715eeb83003a1083266835

GET
H2 200 icon-timeline.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 2 KB
1 KB 64ms
63ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-timeline.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

0c04397947420d22fe0dcad2ebdce7bc1a5e60420ff4b9a6a1d50791782c1eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-dis-request-id: fed4a40e6bd14617a51fb5d2af38458f

GET
H2 200 icon-fact-checked.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 819 B
1 KB 63ms
63ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-fact-checked.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

c8d813beffa369489dfef50cae363dac8dbf6f0d8d878c294d6c49e1872b0b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 819
x-xss-protection: 1; mode=block
x-dis-request-id: f85ddbf849dab651a5ad0468fe8a2baa

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9A4C 130 KB
42 KB 293ms
292ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=280&slotname=5770006049&adk=2469541264&adf=640048489&pi=t.ma~as.5770006049&w=706&fwrn=4&fwrnh=100&lmt=1651687228&rafmt=1&psa=0&format=706x280&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228531&bpp=14&bdt=525&idt=14&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C1200x280&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mx1icGSbP1&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40b2f66f22ab4e409082bb1106b3a26906c1f35ca7d52f85351b423e22d4ff25

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLqEqbS2xvcCFXRgxgodmi8Hpw&gqi=PL9yYseeI4OeYIGVuNAP&layout=/sadbundle/%24csp%253Der3%24/5940512166600267152/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43012
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLqEqbS2xvcCFXRgxgodmi8Hpw&gqi=PL9yYseeI4OeYIGVuNAP&layout=/sadbundle/%24csp%253Der3%24/5940512166600267152/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 18:00:28 GMT
expires: Wed, 04 May 2022 18:00:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 75C1 142 KB
45 KB 258ms
258ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=280&slotname=3143842704&adk=3857897314&adf=3101209253&pi=t.ma~as.3143842704&w=706&fwrn=4&fwrnh=100&lmt=1651687228&rafmt=1&psa=0&format=706x280&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228551&bpp=1&bdt=545&idt=1&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C1200x280%2C706x280&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=aEW9lwBhfq&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f3821b94d5d2483794e9c8748c66b9a53bc593a55c6086b886be82d5167578b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIq6qbS2xvcCFaPGOwId-4wPaQ&gqi=PL9yYqDaI9SaYaaxqsgI&layout=/sadbundle/%24csp%253Der3%24/5940512166600267152/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46325
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIq6qbS2xvcCFaPGOwId-4wPaQ&gqi=PL9yYqDaI9SaYaaxqsgI&layout=/sadbundle/%24csp%253Der3%24/5940512166600267152/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 18:00:28 GMT
expires: Wed, 04 May 2022 18:00:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 71ms
28ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2098763455&t=pageview&_s=1&dl=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&ul=en-us&de=UTF-8&dt=%D8%A8%D8%A3%D9%85%D8%B1%20%D8%A7%D9%84%D9%85%D9%84%D9%83..%20%D8%A5%D9%82%D8%A7%D9%84%D8%A9%20%D8%B1%D8%A6%D9%8A%D8%B3%20%D9%85%D8%B7%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%AC%D8%AF%D8%A9%20%D8%B1%D9%8A%D8%A7%D9%86%20%D8%B7%D8%B1%D8%A8%D8%B2%D9%88%D9%86%D9%8A%20%D9%88%D8%AA%D8%B4%D9%83%D9%8A%D9%84%20%D9%84%D8%AC%D9%86%D8%A9%20%D8%AA%D8%AD%D9%82%D9%8A%D9%82%20%D8%A8%D8%A7%D9%84%D9%81%D8%B3%D8%A7%D8%AF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1605999021&gjid=1915232526&cid=1157342385.1651687228&tid=UA-152745701-1&_gid=545360656.1651687229&_r=1&gtm=2ou520&z=589436899

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fore-dnty-rtyj.sad-net-q8.buzz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon-back-to-top.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 432 B
696 B 32ms
32ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-back-to-top.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

36e06456164f050983b6142187b44701695b68b4ae367879f14f61a25bdf8815

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 432
x-xss-protection: 1; mode=block
x-dis-request-id: e69e21cb0b559837eb03de7625a9b66b

GET
H2 200 icon-social-media-facebook-circle-colored.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 647 B
911 B 34ms
33ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-social-media-facebook-circle-colored.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

1402b2ee3d5436f4ff51e549f12349a605fbe38e481b07543715301e5dddaf99

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 647
x-xss-protection: 1; mode=block
x-dis-request-id: 05d5109c5789ed0a0b6acfd467280a4d

GET
H2 200 icon-social-media-twitter-circle-colored.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 2 KB
2 KB 34ms
33ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-social-media-twitter-circle-colored.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

7a3fb5742c3e8f815eea6249b75c8beb430bb6d817e3b6d325a9a0563c79cc47

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 1870
x-xss-protection: 1; mode=block
x-dis-request-id: 7fc4cd27841d162db87cda292fe491c3

GET
H2 200 icon-social-media-instagram-circle-colored.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 3 KB
3 KB 34ms
32ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-social-media-instagram-circle-colored.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

48d805dda34129b9b567b6bf0731013efe43a58474040d61cf21765222a914a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 2726
x-xss-protection: 1; mode=block
x-dis-request-id: a5553e2b3087678fe4a3491628b5a893

GET
H2 200 icon-social-media-snapchat-circle-colored.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 1 KB
1 KB 34ms
32ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-social-media-snapchat-circle-colored.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

a43583612446704c57a1eceb171645daa59139ed98fa1f4f0a8e7b6cd00ba3d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 1247
x-xss-protection: 1; mode=block
x-dis-request-id: c52700f5498ef8e7307590dcd61876ca

GET
H2 200 icon-social-media-youtube-circle-colored.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 2 KB
2 KB 34ms
32ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-social-media-youtube-circle-colored.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

b1adc3031f6dd145bb9474f9d9a63d478afaa0d5157eb5b294a84860c80c9653

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 2256
x-xss-protection: 1; mode=block
x-dis-request-id: e79ae0d839fe313ffe2c14e4a112c5f9

GET
H2 200 icon-social-media-telegram-circle-colored.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 1 KB
2 KB 34ms
33ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-social-media-telegram-circle-colored.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

038add02be415e7db8c2c0e144be234baa6713c3b50812d45545ec3b06dc78ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 1352
x-xss-protection: 1; mode=block
x-dis-request-id: 8af63c7097f8cb901dd4a0611db7f3dc

GET
H2 200 icon-social-media-linkedin-circle-colored.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 1 KB
2 KB 60ms
59ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-social-media-linkedin-circle-colored.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

fa83ea26221705fbfcb3c4bcda2a339ba1e2491cca346ba7f190b55977bc1117

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 1409
x-xss-protection: 1; mode=block
x-dis-request-id: bebaf0b3b973851069693ebfb1c8b5cd

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 185ms
18ms Script
application/x-javascript 69.192.161.152
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.161.152 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-152.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=59028
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET alarabiyaBoutros2020-Bold.woff
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/ 0
0

GET alarabiyaBoutros2020-Regular.woff
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/ 0
0

GET NotoNaskhArabic-Bold.woff
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/ 0
0

GET alarabiyaBoutros2020-Light.woff
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/ 0
0

GET
H3 200 1.bundle.0c146a3b2239a525471c.js Show response
fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/ 985 B
1 KB 28ms
27ms Script
text/html 2606:4700:3033::ac43:a3c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/1.bundle.0c146a3b2239a525471c.js

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/app.bundle.js?random=0202

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a3c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ae7105f04391694a0925f14025917503a1b1f83c021aec66abbc6078f2a37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2655
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 May 2022 17:16:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ERQxGyx8unaPKYV0JLP3eikWwP8trVS%2FkzGWEwRRFgDGoETlKyYTkFFPIGVDgK4RvAazZVhv12WXlWjTtsLngkQkAh9ris4UEgTitzQ5aUkSTP176yKwqdb6lSK8XGLw3ZH65g7%2FF%2BF94yuttN9GH9yBNHxbEzfISxx9Wnk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 706322db98c66933-FRA

GET
H3 200 14.bundle.0c146a3b2239a525471c.js Show response
fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/ 985 B
1 KB 27ms
27ms Script
text/html 2606:4700:3033::ac43:a3c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/14.bundle.0c146a3b2239a525471c.js

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/app.bundle.js?random=0202

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a3c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ae7105f04391694a0925f14025917503a1b1f83c021aec66abbc6078f2a37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2655
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 May 2022 17:16:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2iVehOrA8ctOmm%2FpsGj%2BeuhkYp6eWNxxJj36Q4sYiaF0Me6PnNhtmK%2FPqeQDTAomfOZAwZKjmYu6awM0vuAoK5uOnm75nrpCIcNNpZuN253eFknzKuMu17vmAgbGdgS9Cb3gtist6x1kVqOSoAswYGYm4QVvKxhGUk27dA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 706322db98c96933-FRA

GET
H3 200 78.bundle.0c146a3b2239a525471c.js Show response
fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/ 985 B
1 KB 31ms
31ms Script
text/html 2606:4700:3033::ac43:a3c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/78.bundle.0c146a3b2239a525471c.js

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/app.bundle.js?random=0202

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a3c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ae7105f04391694a0925f14025917503a1b1f83c021aec66abbc6078f2a37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2655
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 May 2022 17:16:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nIRrJr741WbDEZB7Zd43YarZOhH95PX1WYXLwt4SaCWSJ3mCBcjAa0yS1fqMa3P%2F%2BwWqeEDO0P64zn8a2ZyyHNxs2mlGgNARDx1DHSsDIdSa4%2BGpu6vZtEbBSnU%2BO0u8EXO%2BaawmJuEWKDR3C263rseNVHECabmlVa5YfE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 706322db98ce6933-FRA

GET
H3 200 133.bundle.0c146a3b2239a525471c.js Show response
fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/ 985 B
1 KB 36ms
35ms Script
text/html 2606:4700:3033::ac43:a3c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/133.bundle.0c146a3b2239a525471c.js

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/app.bundle.js?random=0202

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a3c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ae7105f04391694a0925f14025917503a1b1f83c021aec66abbc6078f2a37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2655
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 May 2022 17:16:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7hyZKDSGJpPRcihme8K8cYJafgn1eyeDxxHZseKx3bOsvfx84xbJaFCAPgKe%2FDg4qe2rNam0kb2OMbUzh4jF6nv5wBV%2FIxfxyvkaRReerKvz50gvv5%2BKctIkjBUa0x52RiUPJxZx%2BoVyp8rSV3KJbgf9uMtPxM3QaEe%2BD8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 706322db98d06933-FRA

GET
H3 200 152.bundle.0c146a3b2239a525471c.js Show response
fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/ 985 B
1 KB 27ms
27ms Script
text/html 2606:4700:3033::ac43:a3c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/152.bundle.0c146a3b2239a525471c.js

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/app.bundle.js?random=0202

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a3c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ae7105f04391694a0925f14025917503a1b1f83c021aec66abbc6078f2a37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2656
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 May 2022 17:16:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gB6%2BWepRTW6zQyyXgfehvFp%2BNJ%2F%2BmGjxRXNiKIRV4YvpjhrPXfGEy9JtWFgRHeTpCqa7QrG8oltGDtNssbmbPmDPzMDxOR2RymjpUD5nj19Eplia%2FwEOk3dl3VaBIfX51oC0KaNEzTxZDIEFlATcLb0fW6IfNO7WGji%2BsPU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 706322db98d36933-FRA

GET
H3 200 117.bundle.0c146a3b2239a525471c.js Show response
fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/ 985 B
1 KB 32ms
31ms Script
text/html 2606:4700:3033::ac43:a3c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/117.bundle.0c146a3b2239a525471c.js

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/app.bundle.js?random=0202

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a3c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ae7105f04391694a0925f14025917503a1b1f83c021aec66abbc6078f2a37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2656
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 May 2022 17:16:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNPFwj2FXFUHMc2PKr7KcIZjthGz67K%2F4hMumEQAOQfpWhJ21K%2BPkLwlYq3nx%2BFESXhYxfcvHFsGKwoDtnkFJcO6XNbD6Ofwjo69H%2Ft00XXZvKT%2FQ9bRWgtRXDLrlgcbE6ivMjuYCcfBSG7PXpO%2B2rSWJQ47Wm3cujJm9fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 706322db98d76933-FRA

GET
H3 200 126.bundle.0c146a3b2239a525471c.js Show response
fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/ 985 B
1 KB 31ms
30ms Script
text/html 2606:4700:3033::ac43:a3c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/126.bundle.0c146a3b2239a525471c.js

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/app.bundle.js?random=0202

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a3c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ae7105f04391694a0925f14025917503a1b1f83c021aec66abbc6078f2a37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2655
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 May 2022 17:16:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tf8aM0JXqZUb4WBvQAIbWJ9RNv5BUP4Q4EfiemwXRkf1LB8DowFMiG9RzbhBH0%2FrP%2FYqAIki0ajFH8aQLqMazgD1kZLIFNFYKntWI6NmzPqrziKugoH7cdgoyjosHkM7%2B0MB4YFoD8H0BKO9moW4Y0PyZ3ljwllOz9NhlRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 706322db98d96933-FRA

GET
H3 200 63.bundle.0c146a3b2239a525471c.js Show response
fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/ 985 B
1 KB 45ms
45ms Script
text/html 2606:4700:3033::ac43:a3c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/63.bundle.0c146a3b2239a525471c.js

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/app.bundle.js?random=0202

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a3c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ae7105f04391694a0925f14025917503a1b1f83c021aec66abbc6078f2a37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2655
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 May 2022 17:16:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHrePkQXYSdR3MVex9WUMPPnD39Mc6Lzt7PHwifCgJHVL8hM28Mu%2F1WicU49xtJ5Meey2eyMcoDJvy%2B9m4C8wiQYVOXVOcWXBTsKQhCgjrkbeoMAeQxtQVrJhxwEp8NekOb%2BUD1Ux99EqVR%2F%2FB2HuI7x8yuN%2BKlvkfeejIA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 706322db98dc6933-FRA

GET
H3 200 101.bundle.0c146a3b2239a525471c.js Show response
fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/ 985 B
1 KB 31ms
31ms Script
text/html 2606:4700:3033::ac43:a3c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/101.bundle.0c146a3b2239a525471c.js

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/app.bundle.js?random=0202

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a3c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51ae7105f04391694a0925f14025917503a1b1f83c021aec66abbc6078f2a37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2655
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 May 2022 17:16:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7jfHikjBIX3o2gDPEH9y0ttqFghcvcA2fDxKkXUZ0JBHpQlhbfqutVCNYKOzXx%2Fq5pBm0cf4b8f3fXgiD5m%2FOHtDABizimdDiff9O1%2FTYGStbnkaa1i4BTDgWU9E3LGVgBKxgqy4llpMKHHYVhLUmUi4O3P8allr7ZVxO8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 706322db98df6933-FRA

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5e993c65e0b62784/ 3 KB
907 B 418ms
49ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5e993c65e0b62784/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f9ab450344ece1e1f68be1576a184ce306b97c98a746359dd8836290a5346adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: gzip
etag: -1574254553--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=43, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 730

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 199ms
191ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=6272bf3ca3174879&bkl=0&bl=1&pdt=230&sid=6272bf3ca3174879&pub=ra-5e993c65e0b62784&rev=v8.28.8-wp&ln=ar&pc=men&cb=0&ab=-&dp=fore-dnty-rtyj.sad-net-q8.buzz&fp=jorg&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1651687228736&jsl=131072&uvs=6272bf3cd5a392c1000&skipb=1&callback=addthis.cbs.jsonp__153079969516654260
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 35e9d832afb7220b910beb48c7ccc5e0621733dd517ac2c9d1e1878efe05e865

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 18:00:28 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 53A8 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 3978 71 KB
26 KB 26ms
25ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Wed, 04 May 2022 18:00:28 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.ar.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 118ms
60ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.ar.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

72d2367dc35967c758f93deefb69e76a1cfed9be0dcab06fc8ae2bf8d37bc879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-11fd"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Wed, 04 May 2022 18:00:28 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1925

GET
H2 200 icon-chevron-left.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 384 B
649 B 32ms
32ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-chevron-left.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

b67c845954161526f642c7cf8fbfd08b1be75abfeca6a0d8a65a3ccd38569ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 384
x-xss-protection: 1; mode=block
x-dis-request-id: f20c5835d6d8d8c6550df8e7ed45d4f5

GET
H2 200 icon-close.svg
www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/ 466 B
730 B 63ms
63ms Image
image/svg+xml 69.172.201.191
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/icons/icon-close.svg

Requested by

Host: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.172.201.191 , Canada, ASN19324 (DOSARREST, US),

Reverse DNS

Software

Resource Hash

5950947750a59002e17c2ea0a79c2f53835b170957f64d01a62d1a3aec9ce771

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/master.theme.css?random=0202
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=UTF-8
cache-control: max-age=3600, public, proxy-revalidate
strict-transport-security: max-age=63072000
content-length: 466
x-xss-protection: 1; mode=block
x-dis-request-id: 8c4ab8d2fe31d803216b71907adddab8

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 318ms
103ms Image
image/gif 52.86.105.134
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=fore-dnty-rtyj.sad-net-q8.buzz&p=%2Fjorg%2F&u=DnJY3jgXEGjdI8dV&d=fore-dnty-rtyj.sad-net-q8.buzz&g0=ar%20articles&g1=Alarabiya.net&n=1&f=00001&c=0&x=0&m=0&y=2896&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=971&t=D7qIcgDazOaLDMyeJuwJ0zQDb9Xpo&V=132&i=%D8%A8%D8%A3%D9%85%D8%B1%20%D8%A7%D9%84%D9%85%D9%84%D9%83..%20%D8%A5%D9%82%D8%A7%D9%84%D8%A9%20%D8%B1%D8%A6%D9%8A%D8%B3%20%D9%85%D8%B7%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%AC%D8%AF%D8%A9%20%D8%B1%D9%8A%D8%A7%D9%86%20%D8%B7%D8%B1%D8%A8%D8%B2%D9%88%D9%86%D9%8A%20%D9%88%D8%AA%D8%B4%D9%83%D9%8A%D9%84%20%D9%84%D8%AC%D9%86%D8%A9%20%D8%AA%D8%AD%D9%82%D9%8A%D9%82%20%D8%A8%D8%A7%D9%84%D9%81%D8%B3%D8%A7%D8%AF&tz=0&sn=1&sv=BXInSRC7v2ybm66A7Bnk95ADwJEjp&sd=1&im=06632cf0&_
Requested by: Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.105.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-105-134.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 18:00:29 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame 6D4A 3 KB
1 KB 90ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=280&slotname=6456950493&adk=2924068312&adf=2281059226&pi=t.ma~as.6456950493&w=1200&fwrn=4&fwrnh=100&lmt=1651687228&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228508&bpp=11&bdt=502&idt=11&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GldSzAzPE6&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:58:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D4A 120 KB
37 KB 92ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160178c39d1766871699e6ec601ded1376873834318f71aab6bc76017cedb34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651491962848324"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 May 2022 18:00:28 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame 6D4A 15 KB
7 KB 75ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:57:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6D4A 0
0 63ms
62ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQm_tPL9yYoHnIo2u6gSBrrmAAcme0rFcvfGU93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMzQyODY5OTk2MjUyNjg1oAHVttLqA8gBCakCBx2cGeCrsT6oAwGqBIgCT9D-Vo7aHqVLD4aaYjNC0uVjEC1aGdb34ktz2dv8tt_ZjoYZFcmEMs-OERk6_VVRtqGKkBDzcWSbe4bcREK_yyT3Kesf3NH-lT3AqNN6_Rkm_3uvYCQf4UtFMWPTe8Cbb_wzyFqAID0UpNEltXuerqYHW2LsMvHE3-N37orfMhYMdivJFEtLVDMbKkKRgkrNg0qJigdT-e8FZvfBF-1vW-lqW_z6JNbH8gyeHk2vVLGpu2HsHvQL3TbAu4dg2f6U0w8Y9ugXHFxZ6ZhT17d-HR1Z4kzZUZnEH5Gb2tNEzeZZckvBerGlpHgsW6XKk5yRYun5uLYgTbmuYm3lzi3hadEgO5vrnpC8gAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMzQyODY5OTk2MjUyNjg1GAA&sigh=gPOCjNm76wY&uach_m=[UACH]&cid=CAQSGwCNIrLM5xnBbdP-JT-98r3RTCmtZ4i5Td8QlRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=280&slotname=6456950493&adk=2924068312&adf=2281059226&pi=t.ma~as.6456950493&w=1200&fwrn=4&fwrnh=100&lmt=1651687228&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228508&bpp=11&bdt=502&idt=11&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=400&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GldSzAzPE6&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 04 May 2022 18:00:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 04 May 2022 18:00:28 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 6D4A 0
0 127ms
37ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPi0Ecz6RLAJmAKdg2ICAgAAAHh2opaFMqSjEDy_cmKyzqSXISNaM44oMgASAAA&wp=YnK_PAAIs4EKmpcNAA5XAUb6Wcf7MMHXTLczew

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 299332
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 27DB 121 KB
43 KB 564ms
109ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnK_PAAIs4EKmpcNAA5XAUb6Wcf7MMHXTLczew&u=%7CqV4xStgj3ftqzPRQvUZCTjkbOrMvzD1pqO2bvMyNP%2Fs%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl5wdET7w9LynqxZ2q2b6eyvATEkK-dB2iRSA7NxMilhlpW3kGtCeb94GabdqrQbkYXw7ioddBLNoeMP8UFDQA4LsxleBxn7sFkBJ4Ze024PhT5x6AK1TXqhKutKMcIkV3zgXd7AYp2nAH8M7AZmV2u1vmQ6BaU1ZXSuRSXnpXMGnVi62_nlMWVsbubDVTK7QhS609sdHfRgv3HB4SsuGCwQVkTlnZU6z1BVSmUTlzcz3NAO0499yOLx-LRtUtDYgP2zQqKGad0akqnszxlI6fW-WgQPnJ8o-R4RRJSLEKJEskoD7IV07l3whgiZRnCa_2aEAJ7jZMssjRCOobDyiHtNMeYGLK_w0avY6JOFys5rWqqkqa790cASZ2v-rr9HsRPSUiyRW2sPRf2d3OdZJjy_yh-rcHSf3_8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6DKbPL9yYoHnIo2u6gSBrrmAAcme0rFcvfGU93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMzQyODY5OTk2MjUyNjg1oAHVttLqA8gBCakCBx2cGeCrsT6oAwGqBIsCT9D-Vo7aHqVLD4aaYjNC0uVjEC1aGdb34ktz2dv8tt_ZjoYZFcmEMs-OERk6_VVRtqGKkBDzcWSbe4bcREK_yyT3Kesf3NH-lT3AqNN6_Rkm_3uvYCQf4UtFMWPTe8Cbb_wzyFqAID0UpNEltXuerqYHW2LsMvHE3-N37orfMhYMdivJFEtLVDMbKkKRgkrNg0qJigdT-e8FZvfBF-1vW-lqW_z6JNbH8gyeHk2vVLGpu2HsHvQL3TbAu4dg2f6U0w8Y9ugXHFxZ6ZhT17d-HR1Z4kzZUZnEH5Gb2tNEzeZZcgnDWyMiK-Q_5DneMEysxBHwrLyWR5e24Nkt84sT1s8MIx5BGoMDUMZfgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_250SyUz4vgvvJlkdDAnUvypk0gAQ%26client%3Dca-pub-3342869996252685%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4a0e0ecf52b89c44d60274806a40186c2eef51fbd3a2d17485915dce1fe0cc3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 18:00:28 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=uE3hwMy4egWRdEBDi-pkCIXFg5DCOAbztVX5gecM2gNCUmOjtBsdk8gpYUXANTTvLd5Nbzl8nc5h3Oq9YzsO5IU7KGdlDMki6X1AU8wlfrugkwYhFPihpeUmPU6ffNG7Lz8_M1zDOAkz_xS_TMXdH0zhhk8hxYO7mXSazlT6lFP4WgwFdliUcXL1UeM9qi_Fqd_IQpS-RzYlP2SBW-cZ-oYfzkP81URDp-AJB06LZST6cd5ahvhwud6DQNEk055zh_oZTg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 66132865
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 pica.js
fore-dnty-rtyj.sad-net-q8.buzz/cdn-cgi/challenge-platform/h/g/scripts/ 30 KB
10 KB 33ms
33ms Other
application/javascript 2606:4700:3033::ac43:a3c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fore-dnty-rtyj.sad-net-q8.buzz/cdn-cgi/challenge-platform/h/g/scripts/pica.js

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a3c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

901872e5d8e3ba1da641f2bcf417886ea1e3f450e1b9a59f4ebb7a3c54b889e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxrxRgi2PtXHTazvqSVGuOykYsVPNTvbBeSp3B4XZ%2FpKzfEbjTNMiHcwkD%2BxQ3nblcPVfinSzojYBlBFOgKl9GvfAWNLAxj86Zssh7%2BkZCGD6QNlzX9pVvvqASv5a8npAtHQk062eSnACw77h3%2FFlQJElOJgNue7I6COFfE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 706322dc5a796933-FRA
vary: Accept-Encoding

GET
H3 200 css
fonts.googleapis.com/ Frame 1BFB 8 KB
891 B 72ms
30ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=600&slotname=5914239063&adk=2628446172&adf=41369079&pi=t.ma~as.5914239063&w=300&lmt=1651687228&psa=0&format=300x600&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228185&bpp=1&bdt=179&idt=182&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=-200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CniCGruPDj&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=189

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dafcfb8e5da88fc67a5eb628e432d27437f87fb6e4a47bc308d58ec03d510309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 May 2022 16:04:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 04 May 2022 18:00:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 May 2022 18:00:28 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame 1BFB 2 KB
983 B 70ms
33ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:58:48 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/ Frame 1BFB 19 KB
8 KB 57ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:59:11 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame 1BFB 3 KB
1 KB 61ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:58:48 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame 1BFB 15 KB
6 KB 60ms
24ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:57:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BFB 120 KB
37 KB 95ms
52ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160178c39d1766871699e6ec601ded1376873834318f71aab6bc76017cedb34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651491962848324"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 May 2022 18:00:28 GMT

GET
H2 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 1BFB 30 KB
13 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 10:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 546004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 23:07:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 10:20:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1BFB 0
0 62ms
62ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSXZsPL9yYrKJG43q6wSG-pm4A8Gq1MFprOGVyO8P2tkeEAEg4KnHQGCVAqAB56_JzwPIAQGpApr7gVjisLE-qAMBqgSSAk_QWihhtdUfy7xsNoefMSHxbVj4CFR1JgdRoY5PfUSUx0mtwI6xfBQZcZPUooDrT44dzWAAi9F-ATMjJzO3W-DdL3oFshwBAKFLu-dN_lcM3HR0w67w_MGBjZHDJYWt3pwDQ3OqQWKRYDzgzlN8BCRU2qJHEL3WKfXbdfktk6a1hRB_zMhCLuvZOOg1rP_QDmCKy8Y8BCtd9gX88O9JlVOHgwR71XY-sihxsJGhnBZQMU6w-5hZw4OXN81b9NRCLU8a62gXhfEkY8-B5aYy1VCfdsBuWBQlU0HpfhiZO21zdzVYuaB23qxNwOknxEFQvdMr5OmEstsJDrMHjUaw_MKoy7ZKJD6FnvMearXXVNvFz9vABOuUhNH4A5IFBAgEGAGSBQQIBRgEgAeB0LYwqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQodM-0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBmBYBgBcBshccChoIABIUcHViLTMzNDI4Njk5OTYyNTI2ODUYAA&sigh=wLB9jPEnfC4&uach_m=[UACH]&template_id=5020

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=600&slotname=5914239063&adk=2628446172&adf=41369079&pi=t.ma~as.5914239063&w=300&lmt=1651687228&psa=0&format=300x600&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228185&bpp=1&bdt=179&idt=182&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=-200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CniCGruPDj&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 04 May 2022 18:00:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 04 May 2022 18:00:28 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/ Frame 3130 117 KB
28 KB 37ms
36ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aedea348a6e454d8681bb87fcd32fd777922f7fe3f67f77867c0d0b708318647

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 207845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26823
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 08:16:23 GMT
expires: Tue, 02 May 2023 08:16:23 GMT
last-modified: Fri, 22 Apr 2022 08:17:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9EF2 0
0 88ms
87ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkZALPL9yYoqsJKON78EP-5m-yAa81Zbxaf7147DmD-OQxd2EMBABIOCpx0BglQKgAcXqmbkCyAEJqQKa-4FY4rCxPqgDAcgDSKoEmQJP0I5y-Oaaxx-8U8eoISNVCZTWJj1YW06oeQ47pQoOFBUQP8VVtA-b1sqGH4MntGt7UCaJbBj199B_nh3RYDw_vwy24NcBjO03Wrj129HPt2P9E0m5t2hQwkqTzdWSOZLMS9WKRc40bsUhpbzUgSFyu35VwTGMXJMVx8OC5p1ZnNaB2i1fIF2hG5c-1WTS_uX9TS40caItRVo8qGG4dxF9Bufsm5NkG9GQkdL5iOHYJ65YShUaD516-CwHjXmw0XD7VLhG4pbU1NjyrQRZiyzEOz25NeAjTPQGEfEMTFAvwvV4eUizOMM-sN3OHqKhrhgWwX15G1nsIuy5gw295278Ne2WszpuYo4dtSQYQr_iPbi0PU7TDp1HfcAE4rjlxoAEoAYugAejlebGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEP3SBdIICQiA4YAQEAEYH4AKAcgLAdgTA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMzQyODY5OTk2MjUyNjg1GAA&sigh=53orVQpvDh0&uach_m=[UACH]&template_id=419

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=280&slotname=3143842704&adk=3857897314&adf=3101209253&pi=t.ma~as.3143842704&w=706&fwrn=4&fwrnh=100&lmt=1651687228&rafmt=1&psa=0&format=706x280&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228551&bpp=1&bdt=545&idt=1&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C1200x280%2C706x280&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=aEW9lwBhfq&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 04 May 2022 18:00:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 04 May 2022 18:00:28 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/ Frame 9EF2 19 KB
8 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=280&slotname=3143842704&adk=3857897314&adf=3101209253&pi=t.ma~as.3143842704&w=706&fwrn=4&fwrnh=100&lmt=1651687228&rafmt=1&psa=0&format=706x280&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228551&bpp=1&bdt=545&idt=1&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C1200x280%2C706x280&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=aEW9lwBhfq&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:59:11 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame 9EF2 3 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:58:48 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame 9EF2 15 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:57:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9EF2 120 KB
37 KB 66ms
63ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160178c39d1766871699e6ec601ded1376873834318f71aab6bc76017cedb34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651491962848324"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 May 2022 18:00:28 GMT

GET
DATA 200
OK truncated
/ Frame 1BFB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/ Frame 0514 117 KB
26 KB 63ms
22ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aedea348a6e454d8681bb87fcd32fd777922f7fe3f67f77867c0d0b708318647

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 207845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26823
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 02 May 2022 08:16:23 GMT
expires: Tue, 02 May 2023 08:16:23 GMT
last-modified: Fri, 22 Apr 2022 08:17:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DC55 0
0 60ms
60ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNTjQPL9yYrr2I_TAmQaa35y4CrzVlvFp_vXjsOYP45DF3YQwEAEg4KnHQGCVAqABxeqZuQLIAQmpApr7gVjisLE-qAMByANIqgSYAk_QbpYaUKjNyDazwrMc4afUimMfl9rJSrFA1riP9m9jyYaGi1jpM1GGdajjNUpN0shCfLlrMsrUGoPRQuWp1wejjw4Oe0_9wIMFC2ph4PciHrQfO_VX9NScSgZls80TAZP9C0w3seUQYEw6wlkO0WTuThrkvZFFnv52WEBhcNK1Wdx8j_9J9pNB85v7S-BiToTPLYYTfr_E5tVvrlsoZvyE9tGlwXV2shXM7Q8P7F-CuF3D4fJb5JcGmSJQ-Xfn4dKlDB3uH-eaErriE1ORGHfr1173ZeCmShK3oBimW2xpn_5Aal6M1_DBy5eHrIj5GqHg_c75QAb2n4CSP3wxtkRe-8zTcJ-I0mjf56wrazKLfjOlhzI0y13ABOK45caABKAGLoAHo5XmxgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCtnwTSCAkIgOGAEBABGB-ACgHICwHYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItMzM0Mjg2OTk5NjI1MjY4NRgA&sigh=zJAYrtSrPr8&uach_m=[UACH]&template_id=419

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=280&slotname=5770006049&adk=2469541264&adf=640048489&pi=t.ma~as.5770006049&w=706&fwrn=4&fwrnh=100&lmt=1651687228&rafmt=1&psa=0&format=706x280&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228531&bpp=14&bdt=525&idt=14&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C1200x280&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mx1icGSbP1&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 04 May 2022 18:00:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/ Frame DC55 19 KB
8 KB 74ms
34ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=280&slotname=5770006049&adk=2469541264&adf=640048489&pi=t.ma~as.5770006049&w=706&fwrn=4&fwrnh=100&lmt=1651687228&rafmt=1&psa=0&format=706x280&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228531&bpp=14&bdt=525&idt=14&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C1200x280&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mx1icGSbP1&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:59:11 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame DC55 3 KB
1 KB 84ms
45ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 18:00:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC55 120 KB
36 KB 84ms
42ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160178c39d1766871699e6ec601ded1376873834318f71aab6bc76017cedb34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651491962848324"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 May 2022 18:00:29 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame DC55 15 KB
6 KB 60ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:57:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FA4F 143 B
163 B 19ms
19ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=280&slotname=3143842704&adk=3857897314&adf=3101209253&pi=t.ma~as.3143842704&w=706&fwrn=4&fwrnh=100&lmt=1651687228&rafmt=1&psa=0&format=706x280&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228551&bpp=1&bdt=545&idt=1&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C1200x280%2C706x280&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1684&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=aEW9lwBhfq&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 17:06:41 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3130 16 KB
6 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 04 May 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3130 26 KB
10 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 May 2022 16:13:39 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/ 146 KB
52 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204270101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

817b1485c1a6cb5a993a7037b611cc857ccbbc552e004647a566897548708a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52974
x-xss-protection: 0
server: cafe
etag: 756479314205957071
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 04 May 2022 18:00:29 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A435 143 B
163 B 19ms
19ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=600&slotname=5914239063&adk=2628446172&adf=41369079&pi=t.ma~as.5914239063&w=300&lmt=1651687228&psa=0&format=300x600&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228185&bpp=1&bdt=179&idt=182&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1220&ady=-200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CniCGruPDj&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=189
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 17:06:41 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9EF2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7efbd3f001f86aa92e58a0f21e427ba6fdcbf2a52a75073a524dc569f6ea54f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1BFB 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37950b0d5a24528c5250276687c25c1ffa20c335853a39a1fa7e3a9e6ead9978

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0514 16 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 23:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66722
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 04 May 2022 23:28:27 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0514 26 KB
10 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 05 May 2022 16:13:39 GMT

GET
DATA 200
OK truncated
/ Frame 6D4A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eda487aec2e0875f43cfb387ed70f614f2c57b7c82162999b9a70d0e7288239a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3342 143 B
163 B 27ms
27ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3342869996252685&output=html&h=280&slotname=5770006049&adk=2469541264&adf=640048489&pi=t.ma~as.5770006049&w=706&fwrn=4&fwrnh=100&lmt=1651687228&rafmt=1&psa=0&format=706x280&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651687228531&bpp=14&bdt=525&idt=14&shv=r20220502&mjsv=m202204270101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600%2C1200x280&nras=1&correlator=3991584096787&frm=20&pv=1&ga_vid=1157342385.1651687228&ga_sid=1651687228&ga_hid=2098763455&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=605&ady=1026&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31066184&oid=2&pvsid=3462552182740302&pem=121&tmod=1656366866&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=mx1icGSbP1&p=https%3A//fore-dnty-rtyj.sad-net-q8.buzz&dtd=17
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 17:06:41 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 1BFB 28 KB
28 KB 89ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 71302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 22:12:07 GMT

GET
DATA 200
OK truncated
/ Frame DC55 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d9376781c06bc94e504f2e767615aea6a39a3261cb05f6aeb86098b95600f2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 79ms
37ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fore-dnty-rtyj.sad-net-q8.buzz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 77ms
30ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fore-dnty-rtyj.sad-net-q8.buzz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/ Frame 3837 10 KB
4 KB 19ms
19ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 20:04:51 GMT
etag: 1428802124239944296
expires: Tue, 17 May 2022 20:04:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/ Frame D49D 10 KB
4 KB 19ms
19ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 20:04:51 GMT
etag: 1428802124239944296
expires: Tue, 17 May 2022 20:04:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 706322d6ae8c905b Show response
fore-dnty-rtyj.sad-net-q8.buzz/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
777 B 50ms
49ms XHR
text/plain 2606:4700:3033::ac43:a3c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fore-dnty-rtyj.sad-net-q8.buzz/cdn-cgi/challenge-platform/h/g/cv/result/706322d6ae8c905b

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1651687200

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:a3c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrFf4cepPyCBzKJeiIG9hN1UwYJ5GjQuqme84v677y63aRDctAbsXBtSEaGQyJnyL86LdevzsFLYCz2JxnYR2xaMpCEO1s3xDVA8D1oSoHYqdTvOHdMDXMNkomIbqf%2Fk%2BbjBwnhby5ioZnZI2peA%2FLxJfOBpkxM24J0ez6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 706322dff9e86933-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FA4F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

82ms
78ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 18:00:29 GMT
expires: Wed, 04 May 2022 18:00:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 18:00:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A435
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

123ms
121ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 18:00:29 GMT
expires: Wed, 04 May 2022 18:00:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 18:00:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 38ms
38ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 04 May 2022 18:00:29 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3 200 css2
fonts.googleapis.com/ Frame 3837 4 KB
634 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 May 2022 16:02:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 04 May 2022 18:00:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 May 2022 18:00:29 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3837 205 B
229 B 65ms
22ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:18:00 GMT
x-content-type-options: nosniff
age: 2549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 May 2023 17:18:00 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3837 604 B
628 B 63ms
21ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:48:28 GMT
x-content-type-options: nosniff
age: 721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 04 May 2023 17:48:28 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/elements/html/ Frame 3837 19 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 705
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:48:44 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 27DB 2 KB
1 KB 92ms
29ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnK_PAAIs4EKmpcNAA5XAUb6Wcf7MMHXTLczew&u=%7CqV4xStgj3ftqzPRQvUZCTjkbOrMvzD1pqO2bvMyNP%2Fs%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5KgFh9XNQv4JdLNIKaOnb5OzEWkIpq6r1BJdkqejnNl5wdET7w9LynqxZ2q2b6eyvATEkK-dB2iRSA7NxMilhlpW3kGtCeb94GabdqrQbkYXw7ioddBLNoeMP8UFDQA4LsxleBxn7sFkBJ4Ze024PhT5x6AK1TXqhKutKMcIkV3zgXd7AYp2nAH8M7AZmV2u1vmQ6BaU1ZXSuRSXnpXMGnVi62_nlMWVsbubDVTK7QhS609sdHfRgv3HB4SsuGCwQVkTlnZU6z1BVSmUTlzcz3NAO0499yOLx-LRtUtDYgP2zQqKGad0akqnszxlI6fW-WgQPnJ8o-R4RRJSLEKJEskoD7IV07l3whgiZRnCa_2aEAJ7jZMssjRCOobDyiHtNMeYGLK_w0avY6JOFys5rWqqkqa790cASZ2v-rr9HsRPSUiyRW2sPRf2d3OdZJjy_yh-rcHSf3_8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC6DKbPL9yYoHnIo2u6gSBrrmAAcme0rFcvfGU93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zMzQyODY5OTk2MjUyNjg1oAHVttLqA8gBCakCBx2cGeCrsT6oAwGqBIsCT9D-Vo7aHqVLD4aaYjNC0uVjEC1aGdb34ktz2dv8tt_ZjoYZFcmEMs-OERk6_VVRtqGKkBDzcWSbe4bcREK_yyT3Kesf3NH-lT3AqNN6_Rkm_3uvYCQf4UtFMWPTe8Cbb_wzyFqAID0UpNEltXuerqYHW2LsMvHE3-N37orfMhYMdivJFEtLVDMbKkKRgkrNg0qJigdT-e8FZvfBF-1vW-lqW_z6JNbH8gyeHk2vVLGpu2HsHvQL3TbAu4dg2f6U0w8Y9ugXHFxZ6ZhT17d-HR1Z4kzZUZnEH5Gb2tNEzeZZcgnDWyMiK-Q_5DneMEysxBHwrLyWR5e24Nkt84sT1s8MIx5BGoMDUMZfgAbvnYGk15WtmxugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_250SyUz4vgvvJlkdDAnUvypk0gAQ%26client%3Dca-pub-3342869996252685%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:00:29 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 27DB 2 KB
1 KB 93ms
29ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:00:29 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 27DB 308 B
637 B 79ms
28ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 29 Apr 2023 18:00:29 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 27DB 507 B
835 B 81ms
30ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 29 Apr 2023 18:00:29 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 27DB 43 B
348 B 119ms
36ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Uu_B0VgLZnpK0PxU1OnM9rwR6Zn4gjI6EoqeVM9wWKg0af3O76ODlCm92o-Vc1RVadA6rr7mlC6JfMoxHSAIszJDwShL4t_q36VCtP9FlYvGXv2MtR3Y9ACZJENAYVGMYO6426t6TvihthJerZ6nTTj3ENS8SoE2MXze-0mCMJNAjXPoWYa-k2DIZn8Hgjx2B2TeZ1_ZPn3gGvdbbtuDhWMhknq4Km1r-YVo_-4WwYDyo5u-0m0Bgx4RHb6bMSCasQEbVUnj-d-s4jdYWpJmR65v_jCh9xv93Pr8_W_79ABm5URPRUoH4x2Va6VwO6sL13vzZhan2lZSpP1eb1VnO1uZjOwhq5GO3Hm6LSGOvIzvOaeefkEdcBxlD_vLaY-9RqQnPh65CoYgRnRoABQDEG_2zm3ehB0aS7LMUaIdnoke9cXGFVaXfp2W7c5m9In0mQJBhQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 18:00:28 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3003496
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D49D 0
0 64ms
64ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWZ6VPL9yYsuHG4Xd6wSQtKywDqisofBi_NfV984Nhrbc99sjEAEg4KnHQGCVAqAB4bruugHIAQKpAgcdnBngq7E-qAMByAPJBKoEqAJP0DoBsRHJddn678zrY32zbG8ThNc1ripyo3U4x8vQjxi-cgHMYeskVUk5-BFberistr0iIjtrFdVpD4TtI2XknqLBf6LD-A63hJH87zwg9oOQtdf-URZMj8NvdS4LlGMzvidGmgmVTePMFPnfNVGj9AedQ59C9t__VWoQqqGeHcoXIFKm32rdHxUYw_yV5lzr5c8OF89E5lYX2M6cwOLXFY13A_gh39oKUrX35OOqZt9XRstTL4LZgvFxcMvGMvY3KUoey13todbA714t01zo08z8Yg0D-QUzNp-df4Azh5UpZkzmMeHw--Ca-KREG8HlclcsWFOYjxjiqw8nZjUB80JdV-U7ldMgzVHOaTl2buCI8TGTp9917m0vxucxXadv1VQT1O2lf8AEwJaKlsQDkgUECAQYAZIFBAgFGASgBgKAB4fFkcUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQisgD0ggJCIDhgBAQARgfgAoByAsB2BMK0BUBgBcBshccChoIABIUcHViLTMzNDI4Njk5OTYyNTI2ODUYAA&sigh=c8W8Zk_oty4&uach_m=[UACH]

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 04 May 2022 18:00:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/ Frame D49D 19 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:59:11 GMT

GET
H3 200 7952908105900802760
tpc.googlesyndication.com/simgad/ Frame D49D 40 KB
40 KB 22ms
21ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7952908105900802760?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlgCFBlohDse0sWVwIRWa2PmSdXUg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f11b40b1a86b22c2cee7e7d8732ddedeb782a27527a778f9c9bce05f78e09694

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 17:22:23 GMT
x-content-type-options: nosniff
age: 88686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41228
x-xss-protection: 0
last-modified: Fri, 16 Apr 2021 12:04:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 03 May 2023 17:22:23 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame D49D 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 18:00:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D49D 120 KB
36 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160178c39d1766871699e6ec601ded1376873834318f71aab6bc76017cedb34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651491962848324"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 May 2022 18:00:29 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame D49D 15 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:57:24 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame D49D 30 KB
12 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 13:34:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15977
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12278
x-xss-protection: 0
server: cafe
etag: 12178443437409350037
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 13:34:12 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3342
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

123ms
121ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 18:00:29 GMT
expires: Wed, 04 May 2022 18:00:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 18:00:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3130 35 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 06:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 06:47:02 GMT

GET
H3 200 970x250_3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/ Frame 3130 51 KB
51 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/970x250_3.jpg

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6da7875f78caa56b2ce19e6ee70a0789e6638e69a8e9e8ae8e831a9200eada

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 207846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52507
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 08:17:35 GMT
server: sffe
date: Mon, 02 May 2022 08:16:23 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 May 2023 08:16:23 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 27DB 12 KB
5 KB 85ms
41ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 585541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZtPcO9u5AOMPRQuikiyovbLMqAeH3MuK8YAdwsS7%2BCPx6kSlSkUjT55xC7vdBFaAuxPFxiqHMoKYqSm6Uj3NtlqdsrFbNwu17j%2BmjPfXx05uxryP%2FOebET9pzfsf%2FKuxC6akGSqWyYFLCEK8pYzH8L9w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 706322e0afbf9957-FRA
expires: Mon, 24 Apr 2023 18:00:29 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 27DB 12 KB
6 KB 55ms
29ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:00:29 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 27DB 68 KB
68 KB 130ms
67ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:00:29 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 27DB 68 KB
68 KB 122ms
60ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:00:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 27DB 24 KB
24 KB 391ms
26ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=7450&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F7450%2F211022%2F45f963b9b4db4061b7e96b7b9b33fb3d_img_horizontal_1.png&v=3&w=1200&s=aIsSsacyWVs96MWgv5ZIoipd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30731036
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24138
expires: Tue, 25 Apr 2023 10:24:25 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 27DB 0
128 B 94ms
27ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=uE3hwMy4egWRdEBDi-pkCIXFg5DCOAbztVX5gecM2gNCUmOjtBsdk8gpYUXANTTvLd5Nbzl8nc5h3Oq9YzsO5IU7KGdlDMki6X1AU8wlfrugkwYhFPihpeUmPU6ffNG7Lz8_M1zDOAkz_xS_TMXdH0zhhk8hxYO7mXSazlT6lFP4WgwFdliUcXL1UeM9qi_Fqd_IQpS-RzYlP2SBW-cZ-oYfzkP81URDp-AJB06LZST6cd5ahvhwud6DQNEk055zh_oZTg&sds=2&rev=81333&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 04 May 2022 18:00:28 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 27DB 2 KB
1 KB 30ms
28ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:00:29 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 27DB 2 KB
1 KB 33ms
32ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 29 Apr 2023 18:00:29 GMT

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0514 35 KB
13 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 06:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 06:47:02 GMT

GET
H3 200 970x250_3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/ Frame 0514 51 KB
51 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/970x250_3.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5940512166600267152/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e6da7875f78caa56b2ce19e6ee70a0789e6638e69a8e9e8ae8e831a9200eada

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 207846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52507
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 08:17:35 GMT
server: sffe
date: Mon, 02 May 2022 08:16:23 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 02 May 2023 08:16:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E034 8 KB
892 B 30ms
30ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 04 May 2022 17:01:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 04 May 2022 18:00:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 04 May 2022 18:00:29 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame E034 2 KB
911 B 18ms
18ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:58:48 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/ Frame E034 19 KB
8 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:59:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:59:11 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame E034 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 18:00:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E034 120 KB
36 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160178c39d1766871699e6ec601ded1376873834318f71aab6bc76017cedb34a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37332
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651491962848324"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 May 2022 18:00:29 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/ Frame E034 15 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220502/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 17:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 18 May 2022 17:57:24 GMT

GET
H3 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame E034 30 KB
12 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 10:20:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 546005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 23:07:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 10:20:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 62E4 143 B
163 B 24ms
19ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 17:06:41 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D49D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f00ec13da42f31c95c418d5fd007672d0ace3d321a3c5a7ed03ccdd6792c0a6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 159.1c3fceccbc80f2a3615f.js Show response
s7.addthis.com/static/ 564 B
634 B 66ms
65ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/159.1c3fceccbc80f2a3615f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-234"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 04 May 2022 18:00:29 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 394

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
281 B 351ms
170ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://fore-dnty-rtyj.sad-net-q8.buzz/jorg
last-modified: Wed, 04 May 2022 17:00:00 GMT
server: nginx/1.15.8
date: Wed, 04 May 2022 18:00:29 GMT
content-type: application/json
access-control-allow-origin: https://fore-dnty-rtyj.sad-net-q8.buzz
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 35 B
298 B 552ms
372ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg&callback=_ate.cbs.rcb_28bt0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

158ee4404aba9a0d18a89adac3e415bebbaaa2aaded74cef3a158ed01310b5b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: fore-dnty-rtyj.sad-net-q8.buzz/jorg
last-modified: Wed, 04 May 2022 18:00:30 GMT
server: nginx/1.15.8
date: Wed, 04 May 2022 18:00:30 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 55

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 35 B
298 B 518ms
338ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Ffore-dnty-rtyj.sad-net-q8.buzz%2Fjorg&callback=_ate.cbs.rcb_990b0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7c617d44d41f66e0cb7957de9fe0f9eaf708a077dfff7aa52603cf64d98b541e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: fore-dnty-rtyj.sad-net-q8.buzz/jorg
last-modified: Wed, 04 May 2022 18:00:30 GMT
server: nginx/1.15.8
date: Wed, 04 May 2022 18:00:30 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 55

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E341 143 B
163 B 20ms
18ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 17:06:41 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 62E4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

110ms
110ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 18:00:30 GMT
expires: Wed, 04 May 2022 18:00:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 18:00:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 39DA 35 KB
13 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 06:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 06:47:02 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E341
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

71ms
70ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220502/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 18:00:30 GMT
expires: Wed, 04 May 2022 18:00:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 04 May 2022 18:00:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 0DBE 35 KB
13 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: fore-dnty-rtyj.sad-net-q8.buzz
URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 06:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 06:47:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6D4A 42 B
64 B 91ms
51ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssz1L0afaV0ty1ASUnOQOKH8Q2_7fRbs-CqxQe921KG2_MgkI84ipCR4-EeKBoaozGUUKhyh29ZxfEvyyMlfmhr&sig=Cg0ArKJSzBWq3Q8mLZs2EAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220502&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2924068312&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651687228528&rpt=483&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 18:00:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 34ms
34ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220502&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5c0892e819189ed8e0b6489fc701b4d1581b0dd34f9a2ebcd65500700da6aae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 04 May 2022 18:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10490
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DC55 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoIiEq7GPhV9kei4zg2EbEf--S8XIRbK6uo02ddhd1e_WEY71tx-7ZMIF0s9S2zohJdFS7YP_UmGTZBJGohB1-XwtoWnJKXWYXwls5RrWyzO2buplRkwLJpdTh0aElyqJ8Rd6sWc3uLiRJrzAPseAGD8_i0_X5VO9pSzF757CamtvH148ADKpb8iInHKF0GJN0LweCm7wx8JWRR7Yu6drI3uZ6F36B4lcXjfJdGewzVo8MrYAT1cViieFZ8Noi2RV3p8__YTJBEvmAG4UsFEpMZgob2MOCvoCpqQiLTOI1JvDGamcLCnS4DXt2J-PhDtI-eGLL7vYPv7Ae_NAzXO8O3q3xRKWVhnwhauW0PNPUesXYyCHEGgUXBuBoit3EsuzvRlmfgxvQ_jhntShb02D-YTgHtzIfm_EC073fHMeSK0xb-PiCAZnv1Y-xN_cMWw8xlAv0Knbq4fC9hUEbsA2VtTeIyb8RQYvzgG-A_ln3BGJrXOoreEfXhLyO59bGJfjI-QRaa2IFwek4OQpveuq-PiOofKAdAuW1ef-ZKlb9yAwm4ee3XSoqVRzQsODTDF1F4pK5Tp63-iL8oYWD1X_62jHJFSB_kx7lCVcAxKkMxn4OE2mDu2ApQLdqutmvtdvlV6LSQeKu3zATKY5guBCIeaRWSmrofESmk4-JBIKtVMh_HWHa7orWZpPrvGgyI7CaDOqDZ_TG8qGIxcFW_Q04h7t2irPbAeUuFWk7TxtpqNRhz8mWnI3jplw8tNl7QRyfGlEvkQPNETw0SOeqAKC_SVTTYkPXM9mbH0-E7kQGJ8dOGpyj2l3l5ax3gN78Nl-iWOau6v4t5PUCT2HtHVETzE1yn8tJV6b-oggZORxSvBcEasRhDjafLnqeOjNZKZZi19vR6CVz-4bjc2a74VRF6rSAbcfY4pT7WC6NkkX8bAkXv3R7ahAN9_QvX5vdgpeiwACrku8q907DRICnqMhlGokVR_QdgWi66OzMlZPsZPuviZWT1e-f0Mk_h4vQoFsFZvCBL820yMIQGmTqfArrBQ6ntI20aO-nXWF3-g&sai=AMfl-YRSs3zqENEX5YjaGj_gaHG5Gxu62uoUp9cR9G09K7rghwgt9M-6Dc40q6VH5iD-XhuhVTI1cdHjmISeM3Zh-VN-mJ1D8ry0LA&sig=Cg0ArKJSzMZMLHdTnRp3EAE&id=lidar2&mcvt=1000&p=0,0,181.96875,706&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220502&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=2&adk=2469541264&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651687228922&rpt=218&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 18:00:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 04 May 2022 18:00:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8F72 13 KB
5 KB 19ms
18ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 18:00:00 GMT
expires: Thu, 04 May 2023 18:00:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4D03 783 B
536 B 31ms
31ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cff99ac5d8a0fba3e36a4e88e4c9afed9f256ca0ec6f40d916f897126ffc1f24

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CbVL0X6vwoQoNBLDTRN86Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-CbVL0X6vwoQoNBLDTRN86Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 04 May 2022 18:00:30 GMT
expires: Wed, 04 May 2022 18:00:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F72 35 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 06:47:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13654
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 03 May 2023 06:47:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4D03 0
0 73ms
73ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220502&jk=3462552182740302&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8F72 0
9 B 18ms
18ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bjAgMA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 18:00:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1BFB 42 B
64 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupDVgOdNjVfydG2s0a32DoElNta5olhUkDdNTrZqdaQ_fDmkkl9RGVaOTS0RinpeUoucktIIZnHp14_D7rgiRR4XbgDvpXThIu1g3Ry-67kPiudhhsTu8n42iW&sai=AMfl-YS4s3Hf6ie2_dLzsqTBdPuZfO0S_gOPsLZyAGYJYWNW4IDVwx_mS7IHJSIAFDMFLUgBdg9A930-Qt8I&sig=Cg0ArKJSzOdIpILZ_SYcEAE&id=lidar2&mcvt=1003&p=0,0,600,300&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&v=20220502&bin=7&avms=nio&bs=0,0&mc=0.67&if=1&vu=1&app=0&itpl=22&adk=2628446172&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651687228375&rpt=845&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 18:00:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 27DB 0
127 B 28ms
28ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 04 May 2022 18:00:29 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D49D 42 B
64 B 54ms
53ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKhl_em9A0AnfcmNYuksttA_anD1oKUaEIU4Gihg_AAjwfPL_C_joAD4RDjc1GEYWcrAlOE3b-BZYMS_lvyISGDFt8cxhysWw3JjmbhzQRU5jrTkIT_U1srrky&sai=AMfl-YQKQeNpUB12qBUi4fbQcQGRHKlQ-MKh4j_dQrciWsmBayHuJ9aowQfkLivC54igWQ84NDvD4g2tAdiK&sig=Cg0ArKJSzDdLz_qgZyhTEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=207,891,1000,1062,1062&tos=207,684,109,62,0&v=20220502&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651687229192&rpt=414&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 04 May 2022 18:00:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 120ms
119ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220502&jk=3462552182740302&bg=!BwSlBEDNAAZNIUvJbSE7ACkAdvg8WoiRVW50bKoJjFYOOwFpTwYT4Uj2gWJw4aTIJrNWXYXw_IM7SAIAAABZUgAAAAJoAQcKAKPRUUZ8CK6l6iadrx8xutfqqXdHffZA4bCoc0rb9OmLU-QXL3aBfIx1a-qxKgNK3gjX7_1Kcr1achpNxSGLo74rnF92pzWzWAIF99wJWrYgxLJvTLS3dX_l4wGNRVbqAJ8obovy3ALHcy9OtIo88PzRsbb0nEf8738-rHx9iNKoQLMjY-wR_jBPmHYYqtDHeKonyCQk8Clscu-g596cMnNgrBdNmQKytLc721uBHg0KevOq7BraplOkyv9SNdpfZgxAt0BQS-bMPC5vGJu95ZdfNbkAMqetx-wJU8aTByPb3woLFO1mQirlNXyPQYyH5Y_DBLA5_vkzw_PvRohkN-6j-jS_8-shug88m_e41Bdx4UmH-sCzDDh0V_puGQPOYDxnhKaCK08C6jK47lcKXqbhS3bCZO_cAOKkmg7ZuEL-2xzRYBBP5aSLPrLyuKmFU9sRumUFQ8pvDmubYdcnr7gMefg3f8TLdmlMHS0nPBgiOex9W0QFbvI6c_9uP1ulM3loeFrTUq_6tl94Y6iDYJmQp2i4l_JOUrRohzRDgbPWBX9raL4HJnXiOmxUZJQd6130De_CRJulHKL15IqRI8nBB7aFnVNkyEmvXTsEqD63Oh2Pw9fpnc3rvr3M9k-Aq1ie-V1jyk4KbHSY4aK0AA5LLoTsB2t7MQBaaGGq0jSSxtPhVnNVcpbEYM6FOD_ROsQbAZuCt39p3C2U-zc1Wj6fUnZkbqRobMjFfoSLZrGfqa3Gt-fJmSw1tMNlkQQRY5zVEgO9LuHmDcVIkiZ2J62nteMmImW19mgTWvcDZsqQ_Q26c8wjL09KQI4txDGs92KnfBUag9rXcq8wYMLK26axPoTEJqQmB-8dzzJHlNMpzlZN03VZDMufrg73RGfOO-EqYrAoWvWFByBDReTxjN_HUuyDQnfw-kVM0lr2M5WQq0T6CVtmYG37G68NKanr0rvtHD4qUwxodD_M2cMZGTscKWAFpWQ3qdOmbaCoErOTF0wmD0PxqVJC_yL24pfshMk61n78Cm-1YEI4XbnocpEMiKtfjJyG6UjzU-ccPu4Mi-XrgEe43FLYl7CLTPXRG710PmJDoNwM5k3pZTEN8f_UEapyqiWbC4g5Od1cA63Q2Zxx9ZCI_xCf
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fore-dnty-rtyj.sad-net-q8.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Bold.woff2

Domain: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Regular.woff2

Domain: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Light.woff2

Domain: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/NotoNaskhArabic-Bold.woff2

Domain: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Bold.woff

Domain: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Regular.woff

Domain: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/NotoNaskhArabic-Bold.woff

Domain: www.alarabiya.net
URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Light.woff

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fore-dnty-rtyj.sad-net-q8.buzz/	1970-01-20 11:33:43	Name: HstCfa4651964 Value: 1651687228139
fore-dnty-rtyj.sad-net-q8.buzz/	1970-01-20 11:33:43	Name: HstCla4651964 Value: 1651687228139
fore-dnty-rtyj.sad-net-q8.buzz/	1970-01-20 11:33:43	Name: HstCmu4651964 Value: 1651687228139
fore-dnty-rtyj.sad-net-q8.buzz/	1970-01-20 11:33:43	Name: HstPn4651964 Value: 1
fore-dnty-rtyj.sad-net-q8.buzz/	1970-01-20 11:33:43	Name: HstPt4651964 Value: 1
fore-dnty-rtyj.sad-net-q8.buzz/	1970-01-20 11:33:43	Name: HstCnv4651964 Value: 1
fore-dnty-rtyj.sad-net-q8.buzz/	1970-01-20 11:33:43	Name: HstCns4651964 Value: 1
.sad-net-q8.buzz/	1970-01-20 20:19:19	Name: _ga_Q3XGLYLVNM Value: GS1.1.1651687228.1.0.1651687228.0
.sad-net-q8.buzz/	1970-01-20 12:09:43	Name: __gads Value: ID=a7f132d0fcea2f4c-22297d8b89cd00ca:T=1651687228:RT=1651687228:S=ALNI_MZHFXgE7kl_KCw0Xhzy6JNmX8gNKA
.sad-net-q8.buzz/	1970-01-20 20:19:19	Name: _ga Value: GA1.2.1157342385.1651687228
.sad-net-q8.buzz/	1970-01-20 02:49:33	Name: _gid Value: GA1.2.545360656.1651687229
.sad-net-q8.buzz/	1970-01-20 02:48:07	Name: _gat_gtag_UA_152745701_1 Value: 1
fore-dnty-rtyj.sad-net-q8.buzz/	1970-01-20 12:18:21	Name: __atuvc Value: 1%7C18
fore-dnty-rtyj.sad-net-q8.buzz/	1970-01-20 02:48:09	Name: __atuvs Value: 6272bf3cd5a392c1000
fore-dnty-rtyj.sad-net-q8.buzz/	1970-01-20 12:16:55	Name: _cb Value: DnJY3jgXEGjdI8dV
fore-dnty-rtyj.sad-net-q8.buzz/	1970-01-20 12:16:55	Name: _chartbeat2 Value: .1651687228757.1651687228757.1.BXInSRC7v2ybm66A7Bnk95ADwJEjp.1
fore-dnty-rtyj.sad-net-q8.buzz/	1970-01-20 02:48:09	Name: _cb_svref Value: null
.addthis.com/	1970-01-20 12:18:21	Name: uvc Value: 1%7C18
.doubleclick.net/	1970-01-20 12:09:43	Name: IDE Value: AHWqTUnrs5V9iH30g55iqhajeobvrnxTHaoB-3lUhXT0Sc7tV6EoQraaETRzwSkRumA
.addthis.com/	1970-01-20 12:18:21	Name: loc Value: MDAwMDBFVURFSEUyMzA4MTg5MzAwMzAwMDBDSA==
.sad-net-q8.buzz/	1970-01-20 02:48:09	Name: __cf_bm Value: D4EksQ_ooLK0RKXX5E2F3it1qBNBXKPTpoVZs_cByUE-1651687229-0-AVVxCJIVZrHewvM5+CGH85V+u2/yLwRYb2FJ6/IAICHYZefNC32eIcEeFahHkYX1xe9rHgbCC7bWSWMJIiVB4a7Een+M2yj5d4h3GHToljcYZGZ5fgzFQ/8/c8Lxyz60MQ==
.doubleclick.net/	1970-01-20 02:48:10	Name: DSID Value: NO_DATA

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/(Line 1353) Message: Access to font at 'https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Bold.woff2' from origin 'https://fore-dnty-rtyj.sad-net-q8.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/(Line 1353) Message: Access to font at 'https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Regular.woff2' from origin 'https://fore-dnty-rtyj.sad-net-q8.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/(Line 1353) Message: Access to font at 'https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/NotoNaskhArabic-Bold.woff2' from origin 'https://fore-dnty-rtyj.sad-net-q8.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/NotoNaskhArabic-Bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/(Line 1353) Message: Access to font at 'https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Light.woff2' from origin 'https://fore-dnty-rtyj.sad-net-q8.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Light.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Message: Access to font at 'https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Bold.woff' from origin 'https://fore-dnty-rtyj.sad-net-q8.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Message: Access to font at 'https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Regular.woff' from origin 'https://fore-dnty-rtyj.sad-net-q8.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Message: Access to font at 'https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/NotoNaskhArabic-Bold.woff' from origin 'https://fore-dnty-rtyj.sad-net-q8.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/NotoNaskhArabic-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Message: Access to font at 'https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Light.woff' from origin 'https://fore-dnty-rtyj.sad-net-q8.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.alarabiya.net/.resources/aa-fe-templating/webresources/dist/assets/fonts/alarabiyaBoutros2020-Light.woff Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Message: Refused to execute script from 'https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/1.bundle.0c146a3b2239a525471c.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Message: Refused to execute script from 'https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/14.bundle.0c146a3b2239a525471c.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Message: Refused to execute script from 'https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/78.bundle.0c146a3b2239a525471c.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Message: Refused to execute script from 'https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/133.bundle.0c146a3b2239a525471c.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Message: Refused to execute script from 'https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/152.bundle.0c146a3b2239a525471c.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Message: Refused to execute script from 'https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/117.bundle.0c146a3b2239a525471c.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Message: Refused to execute script from 'https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/126.bundle.0c146a3b2239a525471c.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Message: Refused to execute script from 'https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/63.bundle.0c146a3b2239a525471c.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
security	error	URL: https://fore-dnty-rtyj.sad-net-q8.buzz/jorg/ Message: Refused to execute script from 'https://fore-dnty-rtyj.sad-net-q8.buzz/.resources/aa-fe-templating/webresources/dist/101.bundle.0c146a3b2239a525471c.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
api-public.addthis.com
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
fore-dnty-rtyj.sad-net-q8.buzz
googleads.g.doubleclick.net
gumlet.assettype.com
m.addthis.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pix.eu.criteo.net
rtb.nl.eu.criteo.com
s10.histats.com
s4.histats.com
s7.addthis.com
static.chartbeat.com
static.criteo.net
tpc.googlesyndication.com
v1.addthisedge.com
www.alarabiya.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
s7.addthis.com
www.alarabiya.net
104.75.88.126
172.217.18.98
178.250.0.160
178.250.2.135
178.250.2.150
192.99.0.58
2600:9000:2156:3800:18:1fcd:34f:cdc1
2606:4700:3033::ac43:a3c2
2606:4700::6811:190e
2a00:1450:4001:800::200a
2a00:1450:4001:801::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:829::2008
2a00:1450:4001:830::2004
2a02:2638:1::2
2a02:2638::3
2a02:2638::b
2a04:4e42::311
46.105.201.240
52.86.105.134
69.172.201.191
69.192.161.152
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
038add02be415e7db8c2c0e144be234baa6713c3b50812d45545ec3b06dc78ec
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
084a7135a2401b36223c591e41b2b60f073ab6432a8db01e3aa12708bb92f73e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0c04397947420d22fe0dcad2ebdce7bc1a5e60420ff4b9a6a1d50791782c1eb0
12a7b53f0b78dfbe4b55ef8ac0e7d184c4aca7044907a0275260efe2374b8dbd
137556c04d6d60e1f073b86898b8707e06f17c3a5fef22f9ca7753f6d3e68a5d
1402b2ee3d5436f4ff51e549f12349a605fbe38e481b07543715301e5dddaf99
158ee4404aba9a0d18a89adac3e415bebbaaa2aaded74cef3a158ed01310b5b1
160178c39d1766871699e6ec601ded1376873834318f71aab6bc76017cedb34a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fd529707fc7a6e248c99e099061a9899e32d5d53d94fb30213307240d92b7d2
21cde34053d13b6f5c6ef7c04fb616c7df953591f475428584f55d2ee7ab8547
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27acb3b4f9ccc152e5fc95d294e23559f1a7d5994971e4ece6c2d1cbc44acb84
2c14b2615cb95d0eb73503fee2d91f4ec21926e28b9ba71898179020e9bb69dc
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e6da7875f78caa56b2ce19e6ee70a0789e6638e69a8e9e8ae8e831a9200eada
32bd9710b41bc7d8e44a972f53113dfcd580bb252d4eea5c8649cfc717db6b0f
35e9d832afb7220b910beb48c7ccc5e0621733dd517ac2c9d1e1878efe05e865
36e06456164f050983b6142187b44701695b68b4ae367879f14f61a25bdf8815
37950b0d5a24528c5250276687c25c1ffa20c335853a39a1fa7e3a9e6ead9978
39ce831c2d42884a6bc694df10253f7d52b9e6c18c9e92b7ee5b00ba7ad0c14d
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3bb2af50f04c6463df72ccf8d4a38830c16437bbb16f2fdaafa78dce3a5d7767
3f3821b94d5d2483794e9c8748c66b9a53bc593a55c6086b886be82d5167578b
40b2f66f22ab4e409082bb1106b3a26906c1f35ca7d52f85351b423e22d4ff25
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
481ec15e1eb959f91e1b09227920513f34df00ff761ff1df9b0e289f441e349f
48d805dda34129b9b567b6bf0731013efe43a58474040d61cf21765222a914a0
4a0e0ecf52b89c44d60274806a40186c2eef51fbd3a2d17485915dce1fe0cc3a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dca96b985bc05db945f78d9e7a72563c51c4b9a089249131b8d5c1c8d52b206
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e49c0db8fe5c52ddc31a2df0bb613c7cbe3c69a564f74cbffc7dda78d122ec4
500262eae1ee1af01a018fc6ba8d47d9b7f00146668ec4a4d624ce2e112a8f01
51ae7105f04391694a0925f14025917503a1b1f83c021aec66abbc6078f2a37c
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5950947750a59002e17c2ea0a79c2f53835b170957f64d01a62d1a3aec9ce771
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f736fc7d51db738e8cd31109c15620a90d7b864f00e35100cc2859c5a8fdeac
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72d2367dc35967c758f93deefb69e76a1cfed9be0dcab06fc8ae2bf8d37bc879
7a3fb5742c3e8f815eea6249b75c8beb430bb6d817e3b6d325a9a0563c79cc47
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7ad38d5bd96af2200a29be553bada45ac5fc481733157cd2273e0104afad7867
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7b7f1ec92f504dd6c2ce7b47177fac22d3bdced8cb212f4decb19d7908d2b298
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
7c617d44d41f66e0cb7957de9fe0f9eaf708a077dfff7aa52603cf64d98b541e
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
817b1485c1a6cb5a993a7037b611cc857ccbbc552e004647a566897548708a83
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
86b37c93e9cb475a61caf7b565e6c277c2345d415d245528edbb67115b9909d9
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b4ae543a1ef63a816f31ebfec1c98295960f5708ce9b6803f7a1d2193a72eb1
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
901872e5d8e3ba1da641f2bcf417886ea1e3f450e1b9a59f4ebb7a3c54b889e4
972d11a37ee1c0d87539f9f52bfaa7d0edc47b0eb184d004b226b3c511a0516e
9c7a6a0a10501df413e51ac24dfb427b3e6c04bb36c3a366f7b8cd4a73663bb3
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
9d9376781c06bc94e504f2e767615aea6a39a3261cb05f6aeb86098b95600f2e
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a43583612446704c57a1eceb171645daa59139ed98fa1f4f0a8e7b6cd00ba3d8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
abd28e261ddb6673671a22c9f96e2eb9c29c0f179675a0874ca9c6f2d3a587a8
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aedea348a6e454d8681bb87fcd32fd777922f7fe3f67f77867c0d0b708318647
b1adc3031f6dd145bb9474f9d9a63d478afaa0d5157eb5b294a84860c80c9653
b23ffd4ae2cd04bc4d22d0b99275fa7c5d663f3637580e0799b745070934250c
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
b67c845954161526f642c7cf8fbfd08b1be75abfeca6a0d8a65a3ccd38569ec9
b69acb4779e6931ad8220e8bb7125f445b0e8806083d51daafe6ed46b83e04ed
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c02d2e4ee660f561338f717a6dc83745ea23c4ad356a57bdfee60c3643b25b1a
c7efbd3f001f86aa92e58a0f21e427ba6fdcbf2a52a75073a524dc569f6ea54f
c8d813beffa369489dfef50cae363dac8dbf6f0d8d878c294d6c49e1872b0b6e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6c8f051e72ba8ac08d7db5044e85c28620855da5963c1cb4bf21621c9a6e3b
cff99ac5d8a0fba3e36a4e88e4c9afed9f256ca0ec6f40d916f897126ffc1f24
d0fc97aadf3487ba739c96f3959bc6215760eedab71882aaf775f052be0c45ab
d539a6bdc5528f1d3b0f0cdbbd3d19db0a3d6c94416ab7b7e9bd575575adb574
d5c0892e819189ed8e0b6489fc701b4d1581b0dd34f9a2ebcd65500700da6aae
dafcfb8e5da88fc67a5eb628e432d27437f87fb6e4a47bc308d58ec03d510309
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ca7ebd324e095c83ebf4d7fe2f52cea4cf6d640a947d441cd77bdfee4e31da
e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca
e9c3874141e5a252554e5ab77dc7f14724b1f2076d1be5bf8cd46e713bd81229
eda487aec2e0875f43cfb387ed70f614f2c57b7c82162999b9a70d0e7288239a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00ec13da42f31c95c418d5fd007672d0ace3d321a3c5a7ed03ccdd6792c0a6f
f0316d11780ec6e4607d7abe21657d0e102a9c9d53ad154f7f2c455c7b4366f8
f11b40b1a86b22c2cee7e7d8732ddedeb782a27527a778f9c9bce05f78e09694
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f33bf010d8eb067bc7154a364b667d781b02434b4b492f6c46c67a7355579d95
f343bdb1dc0aa3ace1a1e11fdd64d943e041848acff442c421aac39d0127c6d1
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f673948b0faf2ab0964a2487ad6979f8f6e3991f4dc38d726ec9b68a60a6fcc5
f9ab450344ece1e1f68be1576a184ce306b97c98a746359dd8836290a5346adc
fa83ea26221705fbfcb3c4bcda2a339ba1e2491cca346ba7f190b55977bc1117
fcb871bfa7ae1daf23bcfb549938bff3ef1075a96e63d2a15397614a6691d3f1

fore-dnty-rtyj.sad-net-q8.buzz Open in urlscan Pro 2606:4700:3033::ac43:a3c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

183 Requests

95 %HTTPS

66 %IPv6

22 Domains

32 Subdomains

30 IPs

4 Countries

2373 kBTransfer

10399 kBSize

22 Cookies

79 Outgoing links

Page URL History

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fore-dnty-rtyj.sad-net-q8.buzz Open in urlscan Pro
2606:4700:3033::ac43:a3c2 Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

95 %
HTTPS

66 %
IPv6

22
Domains

32
Subdomains

30
IPs

4
Countries

2373 kB
Transfer

10399 kB
Size

22
Cookies

183 HTTP transactions
7 data transactions